LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Mac OS X) Network Vulnerability

Summary

This host is installed with LibreOffice and is prone to buffer overflow vulnerabilities.

Impact

Successful exploitation will allow remote attackers to cause a denial of service condition or execute arbitrary code. Impact Level: System/Application

Solution

Upgrade to LibreOffice version 3.5.5 or later, For updates refer to http://www.libreoffice.org/download/

Insight

Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality allows attacker to crash the application via crafted Open Document Tex (.odt) file.

Affected

LibreOffice version before 3.5.5 on Mac OS X

References

http://osvdb.org/84441
http://osvdb.org/84442
http://secunia.com/advisories/50142/
http://www.libreoffice.org/advisories/CVE-2012-2665/

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-2665

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)
Blazevideo HDTV Player PLF File Buffer Overflow Vulnerability
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Mac OS X)
Adobe Flash Player Multiple Vulnerabilities - Mar09 (Linux)
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)

Take action and discover your vulnerabilities