LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with LibreOffice and is prone to buffer overflow vulnerabilities.

Impact

Successful exploitation will allow remote attackers to cause a denial of service condition or execute arbitrary code. Impact Level: System/Application

Solution

Upgrade to LibreOffice version 3.5.5 or later, For updates refer to http://www.libreoffice.org/download/

Insight

Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality allows attacker to crash the application via crafted Open Document Tex (.odt) file.

Affected

LibreOffice version before 3.5.5 on Windows

References

http://osvdb.org/84441
http://osvdb.org/84442
http://secunia.com/advisories/50142/
http://www.libreoffice.org/advisories/CVE-2012-2665/

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-2665
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CTorrent/Enhanced CTorrent Buffer Overflow Vulnerability
Adobe Reader 'mailListIsPdf' Buffer Overflow Vulnerability (Linux)
Adobe Air Buffer Overflow Vulnerability (Windows)
ActiveFax RAW Server Multiple Buffer Overflow Vulnerabilities
ChaSen Buffer Overflow Vulnerability (Linux)

Take action and discover your vulnerabilities