Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
13 Feb 2023, 04:33
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow. |
02 Feb 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2012-2334 openoffice.org, libreoffice: Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents | |
References |
|
Information
Published : 2012-06-19 20:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-2334
Mitre link : CVE-2012-2334
CVE.ORG link : CVE-2012-2334
JSON object : View
Products Affected
libreoffice
- libreoffice
apache
- openoffice.org
CWE
CWE-189
Numeric Errors