CVE-2012-3455
https://notcve.org/view.php?id=CVE-2012-3455
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase. Desbordamiento de búfer de memoria dinámica en la función de lectura en filters/words/msword-odf/wv2/src/styles.cpp en el filtro Microsoft import filter in KOffice 2.3.3 y anteriores que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y posiblemente la ejecución de código arbitrario a través de un estilo ODF manipulado en un documento ODF. NOTA:esta es la misma vulnerabilidad que CVE-2012-3456, pero fue dividida por el CNA debido a que Calligra y KOffice comparten parte del mismo código. • http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf http://secunia.com/advisories/50199 http://www.kde.org/info/security/advisory-20120810-1.txt http://www.openwall.com/lists/oss-security/2012/08/04/1 http://www.openwall.com/lists/oss-security/2012/08/04/5 http://www.openwall.com/lists/oss-security/2012/08/06/1 http://www.openwall.com/lists/oss- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-2971
https://notcve.org/view.php?id=CVE-2005-2971
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. • http://scary.beasts.org/security/CESA-2005-005.txt http://secunia.com/advisories/17145 http://secunia.com/advisories/17171 http://secunia.com/advisories/17190 http://secunia.com/advisories/17212 http://secunia.com/advisories/17332 http://secunia.com/advisories/17480 http://secunia.com/advisories/17486 http://securitytracker.com/id?1015035 http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487 http://www.debian.org/security/2005/dsa-872 •