9 results (0.012 seconds)

CVSS: 7.5EPSS: 10%CPEs: 16EXPL: 0

Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase. Desbordamiento de búfer de memoria dinámica en la función de lectura en filters/words/msword-odf/wv2/src/styles.cpp en el filtro Microsoft import filter in KOffice 2.3.3 y anteriores que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y posiblemente la ejecución de código arbitrario a través de un estilo ODF manipulado en un documento ODF. NOTA:esta es la misma vulnerabilidad que CVE-2012-3456, pero fue dividida por el CNA debido a que Calligra y KOffice comparten parte del mismo código. • http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf http://secunia.com/advisories/50199 http://www.kde.org/info/security/advisory-20120810-1.txt http://www.openwall.com/lists/oss-security/2012/08/04/1 http://www.openwall.com/lists/oss-security/2012/08/04/5 http://www.openwall.com/lists/oss-security/2012/08/06/1 http://www.openwall.com/lists/oss- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 14%CPEs: 1EXPL: 0

Integer overflow in the KPresenter import filter for Microsoft PowerPoint files (filters/olefilters/lib/klaola.cc) in KOffice before 1.6.1 allows user-assisted remote attackers to execute arbitrary code via a crafted PPT file, which results in a heap-based buffer overflow. Desbordamiento de enteros en filtro de importanción KPresenter para archivos Microsoft PowerPoint(filters/olefilters/lib/klaola.cc)en KOffice anterior a 1.6.1 permite a atacantes con la intervención del usuarios ejecutar código de su elección a través de un PPT manipulado, lo cual deriva en un desbordamiento de búfer basado en pila. • http://secunia.com/advisories/23143 http://secunia.com/advisories/23162 http://secunia.com/advisories/23220 http://secunia.com/advisories/23409 http://secunia.com/advisories/24218 http://security.gentoo.org/glsa/glsa-200612-05.xml http://securitytracker.com/id?1017318 http://websvn.kde.org/branches/koffice/1.6/koffice/filters/olefilters/lib/klaola.cc?rev=607037&r1=566347&r2=607037 http://www.kde.org/info/security/advisory-20061204-1.txt http://www.koffice.org/announcements/ •

CVSS: 5.0EPSS: 0%CPEs: 127EXPL: 1

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 0%CPEs: 127EXPL: 1

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 1%CPEs: 127EXPL: 1

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-189: Numeric Errors •