CVE-2012-2665

Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
apacheopenoffice
𝑥
< 3.4.1
libreofficelibreoffice
𝑥
< 3.5.5
canonicalubuntu_linux
10.04
canonicalubuntu_linux
11.04
canonicalubuntu_linux
11.10
canonicalubuntu_linux
12.04
debiandebian_linux
6.0
debiandebian_linux
7.0
redhatenterprise_linux
6.0
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_for_ibm_z_systems
6.0
redhatenterprise_linux_for_power_big_endian
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server_from_rhui_6
6.0
redhatenterprise_linux_workstation
6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libreoffice
bookworm
4:7.4.7-1+deb12u4
fixed
bookworm (security)
4:7.4.7-1+deb12u5
fixed
bullseye
1:7.0.4-4+deb11u10
fixed
bullseye (security)
1:7.0.4-4+deb11u11
fixed
sid
4:24.8.2-2
fixed
trixie
4:24.8.2-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libreoffice
hardy
dne
lucid
dne
natty
Fixed 1:3.3.4-0ubuntu1.4
released
oneiric
Fixed 1:3.4.4-0ubuntu1.4
released
precise
Fixed 1:3.5.4-0ubuntu1.1
released
openoffice.org
hardy
ignored
lucid
Fixed 1:3.2.0-7ubuntu4.4
released
natty
not-affected
oneiric
not-affected
precise
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
autocorr-af
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-bg
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-cs
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-da
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-de
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-en
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-es
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-eu
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-fa
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-fi
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-fr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-ga
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-hr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-hu
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-it
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-ja
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-ko
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-lb
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-lt
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-mn
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-nl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-pl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-pt
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-ru
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-sk
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-sl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-sr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-sv
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-tr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-vi
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
autocorr-zh
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-base
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-bsh
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-calc
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-core
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-draw
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-emailmerge
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-gdb-debug-support
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-graphicfilter
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-headless
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-impress
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-javafilter
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-af
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ar
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-as
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-bg
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-bn
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ca
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-cs
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-cy
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-da
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-de
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-dz
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-el
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-en
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-es
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-et
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-eu
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-fi
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-fr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ga
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-gl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-gu
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-he
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-hi
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-hr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-hu
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-it
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ja
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-kn
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ko
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-lt
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-mai
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ml
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-mr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ms
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-nb
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-nl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-nn
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-nr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-nso
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-or
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-pa
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-pl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-pt-BR
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-pt-PT
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ro
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ru
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-sk
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-sl
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-sr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ss
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-st
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-sv
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ta
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-te
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-th
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-tn
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-tr
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ts
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-uk
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ur
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-ve
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-xh
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-zh-Hans
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-zh-Hant
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-langpack-zu
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-math
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-ogltrans
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-opensymbol-fonts
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-pdfimport
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-presentation-minimizer
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-presenter-screen
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-pyuno
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-report-builder
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-rhino
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-sdk
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-sdk-doc
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-testtools
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-ure
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-wiki-publisher
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-writer
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
libreoffice-xsltfilter
RHEL 6
1:3.4.5.2-16.1.el6_3
fixed
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-1135.html
http://secunia.com/advisories/50142
http://secunia.com/advisories/50146
http://secunia.com/advisories/50692
http://secunia.com/advisories/60799
http://security.gentoo.org/glsa/glsa-201209-05.xml
http://www.debian.org/security/2012/dsa-2520
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/
http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt
http://www.securityfocus.com/bid/54769
http://www.securitytracker.com/id?1027331
http://www.securitytracker.com/id?1027332
http://www.ubuntu.com/usn/USN-1536-1
http://www.ubuntu.com/usn/USN-1537-1
https://bugzilla.redhat.com/show_bug.cgi?id=826077
http://rhn.redhat.com/errata/RHSA-2012-1135.html
http://secunia.com/advisories/50142
http://secunia.com/advisories/50146
http://secunia.com/advisories/50692
http://secunia.com/advisories/60799
http://security.gentoo.org/glsa/glsa-201209-05.xml
http://www.debian.org/security/2012/dsa-2520
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/
http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt
http://www.securityfocus.com/bid/54769
http://www.securitytracker.com/id?1027331
http://www.securitytracker.com/id?1027332
http://www.ubuntu.com/usn/USN-1536-1
http://www.ubuntu.com/usn/USN-1537-1
https://bugzilla.redhat.com/show_bug.cgi?id=826077