Published: 21/06/2012 Updated: 13/02/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice prior to 3.5.3, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libreoffice libreoffice
debian debian linux 7.0
debian debian linux 6.0
redhat enterprise linux server aus 6.2
redhat enterprise linux server eus 6.2.z
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux 5.0
redhat enterprise linux workstation 6.0
redhat enterprise linux desktop 5.0
apache openoffice.org 3.4
apache openoffice.org 3.3.0
fedoraproject fedora 16
fedoraproject fedora 15

Synopsis Important: openofficeorg security update Type/Severity Security Advisory: Important Topic Updated openofficeorg packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as havingimportant security imp ...

LibreOffice could be made to crash or potentially run programs as your login if it opened a specially crafted file ...

OpenOfficeorg could be made to crash or potentially run programs as your login if it opened a specially crafted file ...

Tielei Wang discovered that OpenOfficeorg does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution For the stable distribution (squeeze), this problem has been fixed in version 1:321-11+squeeze5 For the testing distribution ( ...

It was discovered that OpenOfficeorg would not properly process crafted document files, possibly leading to arbitrary code execution CVE-2012-1149 Integer overflows in PNG image handling CVE-2012-2334 Integer overflow in operator new[] invocation and heap-based buffer overflow inside the MS-ODRAW parser For the stable distribution (squeeze ...

CWE-189 http://rhn.redhat.com/errata/RHSA-2012-0705.html http://www.osvdb.org/81988 http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 http://www.debian.org/security/2012/dsa-2487 http://www.securityfocus.com/bid/53570 http://www.openoffice.org/security/cves/CVE-2012-1149.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 http://secunia.com/advisories/49392 http://www.debian.org/security/2012/dsa-2473 http://securitytracker.com/id?1027068 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html http://secunia.com/advisories/46992 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html http://secunia.com/advisories/49373 http://secunia.com/advisories/47244 http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html http://secunia.com/advisories/49140 http://security.gentoo.org/glsa/glsa-201209-05.xml http://secunia.com/advisories/50692 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://secunia.com/advisories/60799 http://www.libreoffice.org/advisories/cve-2012-1149/https://exchange.xforce.ibmcloud.com/vulnerabilities/75692 https://access.redhat.com/errata/RHSA-2012:0705 https://nvd.nist.gov https://usn.ubuntu.com/1495-1/

CVE-2012-1149

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect