CVE-2012-2334

CWE-189 CWE-190 — Integer Overflow CWE-119 — Buffer Overflow9 documents8 sources

Severity

6.8MEDIUM

EPSS

8.5%

top 7.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libreoffice Libreoffice Apache Openoffice.org

Timeline

PublishedJun 19

Latest updateMay 17

Description

Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶Debianlibreoffice< 1:3.5.2~rc2-1+3

▶NVDlibreoffice/libreoffice3.5.2+10

▶NVDapache/openoffice.org3.3, 3.4+1

Patches

Patch: cgit.freedesktop.org ↗Patch: cgit.freedesktop.org ↗Patch: cgit.freedesktop.org ↗

🔴Vulnerability Details

GHSA

GHSA-pw69-whjp-72c8: Integer overflow in filter/source/msfilter/msdffimp↗2022-05-17

▶

CVEList

CVE-2012-2334: Integer overflow in filter/source/msfilter/msdffimp↗2012-06-19

▶

OSV

CVE-2012-2334: Integer overflow in filter/source/msfilter/msdffimp↗2012-06-19

▶

📋Vendor Advisories

Ubuntu

OpenOffice.org vulnerabilities↗2012-07-02

▶

Ubuntu

LibreOffice vulnerabilities↗2012-07-02

▶

Red Hat

libreoffice: Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents↗2012-05-16

▶

Debian

CVE-2012-2334: libreoffice - Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) ...↗2012

▶

💬Community

Bugzilla

CVE-2012-2334 openoffice.org, libreoffice: Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents↗2012-05-15

▶