ID de Prueba:	1.3.6.1.4.1.25623.1.0.803083
Categoría:	Buffer overflow
Título:	OpenOffice Multiple Buffer Overflow Vulnerabilities (Dec 2012) - Windows
Resumen:	OpenOffice is prone to multiple vulnerabilities.
Descripción:	Summary: OpenOffice is prone to multiple vulnerabilities. Vulnerability Insight: - An integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. - Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality allows attacker to crash the application via crafted Open Document Tex (.odt) file. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service condition or execute arbitrary code. Affected Software/OS: OpenOffice version before 3.4.1 on windows Solution: Upgrade to OpenOffice version 3.4.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1149 1027068 http://securitytracker.com/id?1027068 20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html 46992 http://secunia.com/advisories/46992 47244 http://secunia.com/advisories/47244 49140 http://secunia.com/advisories/49140 49373 http://secunia.com/advisories/49373 49392 http://secunia.com/advisories/49392 50692 http://secunia.com/advisories/50692 53570 http://www.securityfocus.com/bid/53570 60799 http://secunia.com/advisories/60799 81988 http://www.osvdb.org/81988 DSA-2473 http://www.debian.org/security/2012/dsa-2473 DSA-2487 http://www.debian.org/security/2012/dsa-2487 FEDORA-2012-8042 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html FEDORA-2012-8114 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2012:090 http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 MDVSA-2012:091 http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 RHSA-2012:0705 http://rhn.redhat.com/errata/RHSA-2012-0705.html http://www.libreoffice.org/advisories/cve-2012-1149/ http://www.openoffice.org/security/cves/CVE-2012-1149.html openoffice-vclmi-bo(75692) https://exchange.xforce.ibmcloud.com/vulnerabilities/75692 Common Vulnerability Exposure (CVE) ID: CVE-2012-2665 1027331 http://www.securitytracker.com/id?1027331 1027332 http://www.securitytracker.com/id?1027332 50142 http://secunia.com/advisories/50142 50146 http://secunia.com/advisories/50146 54769 http://www.securityfocus.com/bid/54769 DSA-2520 http://www.debian.org/security/2012/dsa-2520 RHSA-2012:1135 http://rhn.redhat.com/errata/RHSA-2012-1135.html USN-1536-1 http://www.ubuntu.com/usn/USN-1536-1 USN-1537-1 http://www.ubuntu.com/usn/USN-1537-1 http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/ http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt https://bugzilla.redhat.com/show_bug.cgi?id=826077
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.