Buffer overflow in Kde Koffice

CVE-2012-3455

Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibl…

Vulnerability class: Buffer Overflow

EPSS: 0.053 (91.5th percentile) — read the EPSS interpretation.

Affected products

Kde Koffice — versions 1.2, 1.2.1, 1.3
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (mailing-list, x_refsource_MLIST)
secalert@redhat.com (mailing-list, x_refsource_MLIST)
secalert@redhat.com (mailing-list, x_refsource_MLIST)
secalert@redhat.com (mailing-list, x_refsource_MLIST)
secalert@redhat.com (vdb-entry, x_refsource_XF)
secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (mailing-list, x_refsource_MLIST)
secalert@redhat.com (x_refsource_UBUNTU, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)