Vulnerability Details : CVE-2012-2334
Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
Vulnerability category: Overflow, Execute code, Denial of service
Products affected by CVE-2012-2334
- cpe:2.3:a:apache:openoffice.org:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:openoffice.org:3.4:beta:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:3.4.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-2334
- EPSS score: 4.03% (probability of exploitation activity in the next 30 days)
- Percentile: ~ 92 % (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2012-2334
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
CWE ids for CVE-2012-2334
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2334
- http://www.securityfocus.com/bid/53570
  OpenOffice Prior to 3.4 Multiple Memory Corruption Vulnerabilities
- http://rhn.redhat.com/errata/RHSA-2012-0705.html
  RHSA-2012:0705 - Security Advisory - Red Hat Customer Portal
- http://www.debian.org/security/2012/dsa-2487
  Debian -- Security Information -- DSA-2487-1 openoffice.org
- http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html
  [SECURITY] Fedora 15 Update: libreoffice-3.3.4.1-5.fc15
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:091
  mandriva.com
- http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:090
  mandriva.com
- http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
  libreoffice/core - main, development code repository (Exploit; Patch)
- http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da
  libreoffice/core - main, development code repository (Exploit; Patch)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75695
  OpenOffice.org PowerPoint denial of service CVE-2012-2334 Vulnerability Report
- http://www.libreoffice.org/advisories/cve-2012-2334/
  CVE-2012-2334 | LibreOffice - Free Office Suite - Fun Project - Fantastic People (Vendor Advisory)
- http://securitytracker.com/id?1027070
  OpenOffice.org PowerPoint Processing Flaw May Let Remote Users Execute Arbitrary Code - SecurityTracker
- http://www.openoffice.org/security/cves/CVE-2012-2334.html
  CVE-2012-2334 (Vendor Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=821803
  821803 – (CVE-2012-2334) CVE-2012-2334 openoffice.org, libreoffice: Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents
- http://www.openwall.com/lists/oss-security/2012/05/28/2
  oss-security - Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
  OpenOffice, LibreOffice: Multiple vulnerabilities (GLSA 201408-19) — Gentoo security