QwikSec

Security Database

CVE

CWE

Training

CVE-2012-2149

Published: Jun 21, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt

x_refsource_MISC

20120516 CVE-2012-2149 OpenOffice.org memory overwrite vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

http://www.openoffice.org/security/cves/CVE-2012-2149.html

x_refsource_CONFIRM

http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.