CVE-2012-2334

Published Jun 19, 2012

Last updated 2 years ago

CVSS info 6.8

Overview

Description: Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:openoffice.org:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E6F3D98-01D4-4A3C-A166-6BA96F46A77C"
          },
          {
            "criteria": "cpe:2.3:a:apache:openoffice.org:3.4:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "092CAB2F-42F4-4F2D-AA1A-926DBBA93A91"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "585580A6-807B-4D69-A26A-587163E135AC",
            "versionEndIncluding": "3.5.2"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6EC7F36-4505-425A-858A-7CC7E11FAEEA"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "946A4315-09BD-4A88-82ED-F4922CD884CD"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A2508E2-C2C0-4949-B69C-B610E2F2058B"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "126BF2A1-6E4A-4504-904F-3BDF4B2DC7EC"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59FA72B2-802F-4562-87C2-4C1E4C7E9EFD"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50BB322E-AE9A-4108-82BA-AAB8A57F2FC2"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A836FE3-A50E-4ADD-8BD9-8D12C92A85CA"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6C94C91-2FD1-4AA6-89BC-677521F7617D"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE7CCA6E-2B1D-4270-AEB7-BE9820397163"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDF24972-A9FD-4780-8399-859658D63A3C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References