CVE-2012-2334

Published: Jun 19, 2012Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.

Affected (13)

Products: Apache: Openoffice.org · Libreoffice: Libreoffice

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apache Openoffice.org	Version 3.3
Apache Openoffice.org	Version 3.4 beta

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Libreoffice Libreoffice	Up to 3.5.2
Libreoffice Libreoffice	Version 3.3.0
Libreoffice Libreoffice	Version 3.3.1
Libreoffice Libreoffice	Version 3.3.2
Libreoffice Libreoffice	Version 3.3.3
Libreoffice Libreoffice	Version 3.3.4
Libreoffice Libreoffice	Version 3.4.0
Libreoffice Libreoffice	Version 3.4.1
Libreoffice Libreoffice	Version 3.4.2
Libreoffice Libreoffice	Version 3.4.5
Libreoffice Libreoffice	Version 3.5

Related CWEs

References (44)

http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html

Source: secalert@redhat.com

http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da

Source: secalert@redhat.com

ExploitPatch

http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e

Source: secalert@redhat.com

ExploitPatch

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2012-0705.html

Source: secalert@redhat.com

http://secunia.com/advisories/46992

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/47244

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/49373

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/49392

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/60799

Source: secalert@redhat.com

http://securitytracker.com/id?1027070

Source: secalert@redhat.com

http://www.debian.org/security/2012/dsa-2487

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml

Source: secalert@redhat.com

http://www.libreoffice.org/advisories/cve-2012-2334/

Source: secalert@redhat.com

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2012:090

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2012:091

Source: secalert@redhat.com

http://www.openoffice.org/security/cves/CVE-2012-2334.html

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/05/28/2

Source: secalert@redhat.com

http://www.osvdb.org/82517

Source: secalert@redhat.com

http://www.securityfocus.com/bid/53570

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=821803

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/75695

Source: secalert@redhat.com

http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2012-0705.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/46992

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/47244

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/49373

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/49392

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/60799

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1027070

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2012/dsa-2487

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.libreoffice.org/advisories/cve-2012-2334/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2012:090

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2012:091

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openoffice.org/security/cves/CVE-2012-2334.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/05/28/2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/82517

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/53570

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=821803

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/75695

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.