CVE-2012-2334

Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
apacheopenoffice.org
3.3
apacheopenoffice.org
3.4:beta
libreofficelibreoffice
𝑥
≤ 3.5.2
libreofficelibreoffice
3.3.0
libreofficelibreoffice
3.3.1
libreofficelibreoffice
3.3.2
libreofficelibreoffice
3.3.3
libreofficelibreoffice
3.3.4
libreofficelibreoffice
3.4.0
libreofficelibreoffice
3.4.1
libreofficelibreoffice
3.4.2
libreofficelibreoffice
3.4.5
libreofficelibreoffice
3.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libreoffice
bookworm
4:7.4.7-1+deb12u4
fixed
bookworm (security)
4:7.4.7-1+deb12u5
fixed
bullseye
1:7.0.4-4+deb11u10
fixed
bullseye (security)
1:7.0.4-4+deb11u11
fixed
sid
4:24.8.2-2
fixed
trixie
4:24.8.2-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libreoffice
hardy
dne
lucid
dne
natty
Fixed 1:3.3.4-0ubuntu1.2
released
oneiric
Fixed 1:3.4.4-0ubuntu1.2
released
precise
not-affected
openoffice.org
hardy
ignored
lucid
Fixed 1:3.2.0-7ubuntu4.3
released
natty
not-affected
oneiric
not-affected
precise
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
autocorr-af
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-bg
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-cs
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-da
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-de
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-en
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-es
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-eu
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-fa
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-fi
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-fr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-ga
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-hu
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-it
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-ja
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-ko
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-lb
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-lt
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-mn
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-nl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-pl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-pt
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-ru
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-sk
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-sl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-sv
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-tr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-vi
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
autocorr-zh
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-base
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-brand
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-calc
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-draw
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-impress
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-math
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
broffice.org-writer
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-base
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-base-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-brand
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-bsh
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-calc
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-calc-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-devel
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-draw
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-draw-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-emailmerge
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-graphicfilter
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-headless
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-impress
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-impress-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-javafilter
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-af
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ar
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-as
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-bg
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-bn
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ca
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-cs
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-cy
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-da
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-de
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-dz
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-el
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-en
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-es
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-et
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-eu
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-fi
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-fr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ga
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-gl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-gu
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-he
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-hi
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-hr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-hu
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-it
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ja
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-kn
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ko
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-lt
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-mai
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ml
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-mr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ms
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-nb
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-nl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-nn
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-nr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-nso
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-or
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-pa
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-pl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-pt
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ro
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ru
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-sk
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-sl
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-sr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ss
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-st
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-sv
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ta
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-te
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-th
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-tn
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-tr
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ts
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-uk
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ur
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-ve
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-xh
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-zh
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-langpack-zu
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-math
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-math-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-ogltrans
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-opensymbol-fonts
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-pdfimport
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-presentation-minimizer
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-presenter-screen
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-pyuno
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-report-builder
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-rhino
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-sdk
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-sdk-doc
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-testtools
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-ure
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-wiki-publisher
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-writer
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-writer-core
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
openoffice.org-xsltfilter
RHEL 6
1:3.2.1-19.6.el6_2.7
fixed
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html
http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da
http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html
http://rhn.redhat.com/errata/RHSA-2012-0705.html
http://secunia.com/advisories/46992
http://secunia.com/advisories/47244
http://secunia.com/advisories/49373
http://secunia.com/advisories/49392
http://secunia.com/advisories/60799
http://securitytracker.com/id?1027070
http://www.debian.org/security/2012/dsa-2487
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.libreoffice.org/advisories/cve-2012-2334/
http://www.mandriva.com/security/advisories?name=MDVSA-2012:090
http://www.mandriva.com/security/advisories?name=MDVSA-2012:091
http://www.openoffice.org/security/cves/CVE-2012-2334.html
http://www.openwall.com/lists/oss-security/2012/05/28/2
http://www.osvdb.org/82517
http://www.securityfocus.com/bid/53570
https://bugzilla.redhat.com/show_bug.cgi?id=821803
https://exchange.xforce.ibmcloud.com/vulnerabilities/75695
http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html
http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da
http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html
http://rhn.redhat.com/errata/RHSA-2012-0705.html
http://secunia.com/advisories/46992
http://secunia.com/advisories/47244
http://secunia.com/advisories/49373
http://secunia.com/advisories/49392
http://secunia.com/advisories/60799
http://securitytracker.com/id?1027070
http://www.debian.org/security/2012/dsa-2487
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.libreoffice.org/advisories/cve-2012-2334/
http://www.mandriva.com/security/advisories?name=MDVSA-2012:090
http://www.mandriva.com/security/advisories?name=MDVSA-2012:091
http://www.openoffice.org/security/cves/CVE-2012-2334.html
http://www.openwall.com/lists/oss-security/2012/05/28/2
http://www.osvdb.org/82517
http://www.securityfocus.com/bid/53570
https://bugzilla.redhat.com/show_bug.cgi?id=821803
https://exchange.xforce.ibmcloud.com/vulnerabilities/75695