CVE-2012-1149
CVE-2012-1149
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.htmlhttp://rhn.redhat.com/errata/RHSA-2012-0705.htmlhttp://secunia.com/advisories/46992http://secunia.com/advisories/47244http://secunia.com/advisories/49140http://secunia.com/advisories/49373http://secunia.com/advisories/49392http://secunia.com/advisories/50692http://secunia.com/advisories/60799http://security.gentoo.org/glsa/glsa-201209-05.xml