It was discovered that OpenOffice.org would not properly process crafted document files, possibly leading to arbitrary code execution. CVE-2012-1149 Integer overflows in PNG image handling. CVE-2012-2334 Integer overflow in operator new[] invocation and heap-based buffer overflow inside the MS-ODRAW parser. For the stable distribution (squeeze), this problem has been fixed in version 1:3.2.1-11+squeeze6. For the unstable distribution (sid), these problems have been fixed in version 1:3.5.2~rc2-1 of the libreoffice package. We recommend that you upgrade your openoffice.org packages.
It was discovered that OpenOffice.org would not properly process crafted document files, possibly leading to arbitrary code execution.
Integer overflows in PNG image handling.
Integer overflow in operator new[] invocation and heap-based buffer overflow inside the MS-ODRAW parser.
For the stable distribution (squeeze), this problem has been fixed in version 1:3.2.1-11+squeeze6.
For the unstable distribution (sid), these problems have been fixed in version 1:3.5.2~rc2-1 of the libreoffice package.
We recommend that you upgrade your openoffice.org packages.