CVE-2012-3455

Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document.  NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
kdekoffice
𝑥
≤ 2.3.3
kdekoffice
1.2
kdekoffice
1.2.1
kdekoffice
1.3
kdekoffice
1.3:beta1
kdekoffice
1.3:beta2
kdekoffice
1.3:beta3
kdekoffice
1.3.1
kdekoffice
1.3.2
kdekoffice
1.3.3
kdekoffice
1.3.4
kdekoffice
1.3.5
kdekoffice
1.4
kdekoffice
1.4.1
kdekoffice
1.4.2
kdekoffice
1.6.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
koffice
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
Fixed 1:2.3.3-0ubuntu6.1
released
natty
Fixed 1:2.3.3-0ubuntu4.1
released
lucid
ignored
hardy
ignored
wv2
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
not-affected
utopic
not-affected
trusty
dne
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
ignored
oneiric
ignored
natty
ignored
lucid
ignored
hardy
ignored
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html
http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
http://secunia.com/advisories/50199
http://www.kde.org/info/security/advisory-20120810-1.txt
http://www.openwall.com/lists/oss-security/2012/08/04/1
http://www.openwall.com/lists/oss-security/2012/08/04/5
http://www.openwall.com/lists/oss-security/2012/08/06/1
http://www.openwall.com/lists/oss-security/2012/08/06/6
http://www.openwall.com/lists/oss-security/2012/08/10/1
http://www.securityfocus.com/bid/54816
http://www.ubuntu.com/usn/USN-1526-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/77483
http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html
http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
http://secunia.com/advisories/50199
http://www.kde.org/info/security/advisory-20120810-1.txt
http://www.openwall.com/lists/oss-security/2012/08/04/1
http://www.openwall.com/lists/oss-security/2012/08/04/5
http://www.openwall.com/lists/oss-security/2012/08/06/1
http://www.openwall.com/lists/oss-security/2012/08/06/6
http://www.openwall.com/lists/oss-security/2012/08/10/1
http://www.securityfocus.com/bid/54816
http://www.ubuntu.com/usn/USN-1526-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/77483