Buffer overflow in Apache Openoffice

CVE-2013-2189

Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.

Vulnerability class: Buffer Overflow

EPSS: 0.012 (79.5th percentile) — read the EPSS interpretation.

Affected products

Apache Openoffice
N/a — versions n/a

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

20130726 CVE-2013-2189: OpenOffice DOC Memory Corruption Vulnerability (mailing-list, x_refsource_BUGTRAQ, Mailing List, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
95704 (x_refsource_OSVDB, vdb-entry, Broken Link)