CVE-2011-2713
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
oowriter en OpenOffice.org v3.3.0 y LibreOffice anterior a v3.4.3 permite a atacantes remotos asistidos por un usuario pueden provocar una denegación de servicio (caída) mediante un archivo DOC manipulado que provoca una lectura fuera del límite analizador sintáctico de DOC sprm.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-07-11 CVE Reserved
- 2011-10-05 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/76178 | Vdb Entry | |
| http://secunia.com/advisories/50692 | Third Party Advisory | |
| http://secunia.com/advisories/60799 | Third Party Advisory | |
| http://www.securityfocus.com/bid/49969 | Vdb Entry | |
| http://www.securitytracker.com/id?1026145 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html | 2014-10-24 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=725668 | 2014-10-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | <= 3.4.2 Search vendor "Libreoffice" for product "Libreoffice" and version " <= 3.4.2" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.3.0 Search vendor "Libreoffice" for product "Libreoffice" and version "3.3.0" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.3.1 Search vendor "Libreoffice" for product "Libreoffice" and version "3.3.1" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.3.2 Search vendor "Libreoffice" for product "Libreoffice" and version "3.3.2" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.3.3 Search vendor "Libreoffice" for product "Libreoffice" and version "3.3.3" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.3.4 Search vendor "Libreoffice" for product "Libreoffice" and version "3.3.4" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.4.0 Search vendor "Libreoffice" for product "Libreoffice" and version "3.4.0" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | 3.4.1 Search vendor "Libreoffice" for product "Libreoffice" and version "3.4.1" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Openoffice.org Search vendor "Sun" for product "Openoffice.org" | 3.3.0 Search vendor "Sun" for product "Openoffice.org" and version "3.3.0" | - |
Affected
| ||||||