CVE-2012-1149

EPSS 1.2%

openoffice.org - buffer overflow

發布日:2012/6/21修改日:2026/4/28

描述

Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.

受影響套件(3)

Debian/libreofficefrom 0, < 1:3.4.5-1
Debian/openoffice.orgfrom 0, < 1:3.2.1-11+squeeze5
Debian/openoffice.orgfrom 0, < 1:3.2.1-11+squeeze6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1149