7.5
CVE-2012-1149
- EPSS 13.73%
- Veröffentlicht 21.06.2012 15:55:11
- Zuletzt bearbeitet 16.06.2026 23:39:08
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Libreoffice ≫ Libreoffice Version <= 3.5.2
Debian ≫ Debian Linux Version6.0
Debian ≫ Debian Linux Version7.0
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Enterprise Linux Desktop Version5.0
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Aus Version6.2
Redhat ≫ Enterprise Linux Server Eus Version6.2.z
Redhat ≫ Enterprise Linux Workstation Version6.0
Apache ≫ Openoffice.Org Version3.3.0
Apache ≫ Openoffice.Org Version3.4 Updatebeta
Fedoraproject ≫ Fedora Version15
Fedoraproject ≫ Fedora Version16
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.73% | 0.96 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/60799
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://secunia.com/advisories/50692
http://security.gentoo.org/glsa/glsa-201209-05.xml
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html
http://rhn.redhat.com/errata/RHSA-2012-0705.html
http://secunia.com/advisories/46992
http://secunia.com/advisories/47244
http://secunia.com/advisories/49373
http://secunia.com/advisories/49392
http://www.debian.org/security/2012/dsa-2487
http://www.mandriva.com/security/advisories?name=MDVSA-2012:090
http://www.mandriva.com/security/advisories?name=MDVSA-2012:091
http://www.securityfocus.com/bid/53570
http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html
http://secunia.com/advisories/49140
http://securitytracker.com/id?1027068
http://www.debian.org/security/2012/dsa-2473
http://www.libreoffice.org/advisories/cve-2012-1149/
http://www.openoffice.org/security/cves/CVE-2012-1149.html
http://www.osvdb.org/81988
https://exchange.xforce.ibmcloud.com/vulnerabilities/75692