Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice prior to 3.5.3, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libreoffice libreoffice |
||
debian debian linux 7.0 |
||
debian debian linux 6.0 |
||
redhat enterprise linux server aus 6.2 |
||
redhat enterprise linux server eus 6.2.z |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux 5.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux desktop 5.0 |
||
apache openoffice.org 3.4 |
||
apache openoffice.org 3.3.0 |
||
fedoraproject fedora 16 |
||
fedoraproject fedora 15 |