what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2012-2149

Status Candidate

Overview

The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow.

Related Files

Gentoo Linux Security Advisory 201408-19
Posted Sep 2, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201408-19 - Multiple vulnerabilities have been found in OpenOffice and LibreOffice, the worst of which may result in execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2006-4339, CVE-2009-0200, CVE-2009-0201, CVE-2009-0217, CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302, CVE-2010-0395, CVE-2010-2935, CVE-2010-2936, CVE-2010-3450, CVE-2010-3451, CVE-2010-3452, CVE-2010-3453, CVE-2010-3454, CVE-2010-3689, CVE-2010-4253, CVE-2010-4643, CVE-2011-2713, CVE-2012-0037, CVE-2012-1149, CVE-2012-2149, CVE-2012-2334, CVE-2012-2665, CVE-2014-0247
SHA-256 | 25cba7cb86e5c00a8edba21108a03562ceee1d3bf37cd0e99baa6eabd8e19dc3
Red Hat Security Advisory 2012-1043-01
Posted Jun 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2149
SHA-256 | e23252ae448c1a44a7f03eeeafc940ab7c8d750681fe5a9dbffb9731f0bfe7c1
libwpd WPXContentListener::_closeTableRow() Memory Overwrite
Posted May 18, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

OpenOffice.org includes the customized libwpd version 0.8.8 library for parsing WordPerfect documents. The used version of the libwpd library suffers from a memory overwrite vulnerability when reading a specially crafted WPD file. Successful exploitation of this vulnerability could result in an arbitrary code execution within the OpenOffice.org software suite.

tags | advisory, arbitrary, code execution
advisories | CVE-2012-2149
SHA-256 | c0fbf3513a8c6f3a2d74cceeb3b60aa04aa8253399451b37f5db876426268ecb
OpenOffice.org Memory Overwrite
Posted May 16, 2012
Authored by Kestutis Gudinavicius

OpenOffice.org versions 3.3 and 3.4 Beta suffer from a memory overwrite vulnerability.

tags | advisory
advisories | CVE-2012-2149
SHA-256 | 8835dab05febe30ee3df1bb4c48de2c02504156f840dc2d1d9c1e0014179f8ce
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close