Buffer overflow : LibreOffice Graphic Object Loading Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.803084

Categoría: Buffer overflow

Título: LibreOffice Graphic Object Loading Buffer Overflow Vulnerability - Windows

Resumen: LibreOffice is prone to a buffer overflow vulnerability.

Descripción: Summary:
LibreOffice is prone to a buffer overflow vulnerability.

Vulnerability Insight:
An integer overflow error within the vclmi.dll module when allocating memory
for an embedded image object allows attacker to crash the application.

Vulnerability Impact:
Successful exploitation will allow remote attackers to cause a denial of
service condition or execute arbitrary code.

Affected Software/OS:
LibreOffice version before 3.5.3 on Windows

Solution:
Upgrade to LibreOffice version 3.5.3 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1149
1027068
http://securitytracker.com/id?1027068
20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object
http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html
46992
http://secunia.com/advisories/46992
47244
http://secunia.com/advisories/47244
49140
http://secunia.com/advisories/49140
49373
http://secunia.com/advisories/49373
49392
http://secunia.com/advisories/49392
50692
http://secunia.com/advisories/50692
53570
http://www.securityfocus.com/bid/53570
60799
http://secunia.com/advisories/60799
81988
http://www.osvdb.org/81988
DSA-2473
http://www.debian.org/security/2012/dsa-2473
DSA-2487
http://www.debian.org/security/2012/dsa-2487
FEDORA-2012-8042
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html
FEDORA-2012-8114
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html
GLSA-201209-05
http://security.gentoo.org/glsa/glsa-201209-05.xml
GLSA-201408-19
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
MDVSA-2012:090
http://www.mandriva.com/security/advisories?name=MDVSA-2012:090
MDVSA-2012:091
http://www.mandriva.com/security/advisories?name=MDVSA-2012:091
RHSA-2012:0705
http://rhn.redhat.com/errata/RHSA-2012-0705.html
http://www.libreoffice.org/advisories/cve-2012-1149/
http://www.openoffice.org/security/cves/CVE-2012-1149.html
openoffice-vclmi-bo(75692)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75692

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.803084
Categoría:	Buffer overflow
Título:	LibreOffice Graphic Object Loading Buffer Overflow Vulnerability - Windows
Resumen:	LibreOffice is prone to a buffer overflow vulnerability.
Descripción:	Summary: LibreOffice is prone to a buffer overflow vulnerability. Vulnerability Insight: An integer overflow error within the vclmi.dll module when allocating memory for an embedded image object allows attacker to crash the application. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service condition or execute arbitrary code. Affected Software/OS: LibreOffice version before 3.5.3 on Windows Solution: Upgrade to LibreOffice version 3.5.3 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1149 1027068 http://securitytracker.com/id?1027068 20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html 46992 http://secunia.com/advisories/46992 47244 http://secunia.com/advisories/47244 49140 http://secunia.com/advisories/49140 49373 http://secunia.com/advisories/49373 49392 http://secunia.com/advisories/49392 50692 http://secunia.com/advisories/50692 53570 http://www.securityfocus.com/bid/53570 60799 http://secunia.com/advisories/60799 81988 http://www.osvdb.org/81988 DSA-2473 http://www.debian.org/security/2012/dsa-2473 DSA-2487 http://www.debian.org/security/2012/dsa-2487 FEDORA-2012-8042 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html FEDORA-2012-8114 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2012:090 http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 MDVSA-2012:091 http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 RHSA-2012:0705 http://rhn.redhat.com/errata/RHSA-2012-0705.html http://www.libreoffice.org/advisories/cve-2012-1149/ http://www.openoffice.org/security/cves/CVE-2012-1149.html openoffice-vclmi-bo(75692) https://exchange.xforce.ibmcloud.com/vulnerabilities/75692
Copyright	Copyright (C) 2012 Greenbone AG