Back to search
CVE-2012-2665
Published: Aug 6, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
60799
third-party-advisory
x_refsource_SECUNIA
GLSA-201408-19
vendor-advisory
x_refsource_GENTOO
GLSA-201209-05
vendor-advisory
x_refsource_GENTOO
https://bugzilla.redhat.com/show_bug.cgi?id=826077
x_refsource_MISC
DSA-2520
vendor-advisory
x_refsource_DEBIAN
USN-1536-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2012:1135
vendor-advisory
x_refsource_REDHAT
http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt
x_refsource_MISC
54769
vdb-entry
x_refsource_BID
50692
third-party-advisory
x_refsource_SECUNIA
1027332
vdb-entry
x_refsource_SECTRACK
1027331
vdb-entry
x_refsource_SECTRACK
50142
third-party-advisory
x_refsource_SECUNIA
USN-1537-1
vendor-advisory
x_refsource_UBUNTU
http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/
x_refsource_CONFIRM
50146
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now