Buffer overflow in Apache Openoffice

CVE-2012-2665

Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a craf…

Vulnerability class: Buffer Overflow

EPSS: 0.050 (89.9th percentile) — read the EPSS interpretation.

Affected products

Apache Openoffice
Libreoffice
Canonical Ubuntu_linux — versions 10.04, 11.04, 11.10
Debian Debian_linux — versions 6.0, 7.0
Redhat Enterprise_linux — versions 6.0
Redhat Enterprise_linux_desktop — versions 6.0
Redhat Enterprise_linux_for_ibm_z_systems — versions 6.0
Redhat Enterprise_linux_for_power_big_endian — versions 6.0
Redhat Enterprise_linux_server — versions 6.0
Redhat Enterprise_linux_server_from_rhui_6 — versions 6.0

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

60799 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
GLSA-201408-19 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
GLSA-201209-05 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
secalert@redhat.com (Third Party Advisory, x_refsource_MISC, Issue Tracking)
DSA-2520 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
USN-1536-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)
RHSA-2012:1135 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com (Third Party Advisory, x_refsource_MISC)
54769 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID, Broken Link)
50692 (x_refsource_SECUNIA, Broken Link, third-party-advisory)