CVE-2012-2334

Severity

68%

Complexity

86%

Confidentiality

106%

Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 13 years ago

2012-06-19 20:55:00

Last updated 7 years ago

2017-08-29 01:31:00

Affected Software

Apache Software Foundation OpenOffice.org 3.4 Beta

3.4

LibreOffice LibreOffice

References

20120516 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0

http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da

Exploit, Patch

http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e

Exploit, Patch

FEDORA-2012-8114

RHSA-2012:0705

60799

1027070

DSA-2487

GLSA-201408-19

http://www.libreoffice.org/advisories/cve-2012-2334/

Vendor Advisory

MDVSA-2012:090

MDVSA-2012:091

http://www.openoffice.org/security/cves/CVE-2012-2334.html

Vendor Advisory

[oss-security] 20120528 Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification

82517

53570

https://bugzilla.redhat.com/show_bug.cgi?id=821803

openoffice-powerpoint-dos(75695)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.