CVE-2012-2665
libreoffice: Multiple heap-based buffer overflows in the XML manifest encryption handling code
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
Múltiples desbordamientos de bufer basado en en la funcionalidad de cifrado de manifiesto XML en la etiqueta en OpenOffice.org y LibreOffice anterior a v3.5.5 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de un Documento de texto diseñado (. Odt) con el archivo(1) una etiqueta de niño dentro de una etiqueta principal incorrecta, (2) duplicar los tags, o (3) un ChecksumAttribute Base64 cuya longitud no es divisible por cuatro.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-08-02 CVE Published
- 2024-08-06 CVE Updated
- 2024-10-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/50142 | Broken Link | |
| http://secunia.com/advisories/50146 | Broken Link | |
| http://secunia.com/advisories/50692 | Broken Link | |
| http://secunia.com/advisories/60799 | Broken Link | |
| http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt | Third Party Advisory | |
| http://www.securityfocus.com/bid/54769 | Broken Link | |
| http://www.securitytracker.com/id?1027331 | Broken Link | |
| http://www.securitytracker.com/id?1027332 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1135.html | 2023-02-13 | |
| http://security.gentoo.org/glsa/glsa-201209-05.xml | 2023-02-13 | |
| http://www.debian.org/security/2012/dsa-2520 | 2023-02-13 | |
| http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | 2023-02-13 | |
| http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665 | 2023-02-13 | |
| http://www.ubuntu.com/usn/USN-1536-1 | 2023-02-13 | |
| http://www.ubuntu.com/usn/USN-1537-1 | 2023-02-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=826077 | 2012-08-01 | |
| https://access.redhat.com/security/cve/CVE-2012-2665 | 2012-08-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Openoffice Search vendor "Apache" for product "Openoffice" | < 3.4.1 Search vendor "Apache" for product "Openoffice" and version " < 3.4.1" | - |
Affected
| ||||||
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | < 3.5.5 Search vendor "Libreoffice" for product "Libreoffice" and version " < 3.5.5" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 11.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "11.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 11.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "11.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 6.0 Search vendor "Debian" for product "Debian Linux" and version "6.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" | 6.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Power Big Endian Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian" | 6.0 Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server From Rhui 6 Search vendor "Redhat" for product "Enterprise Linux Server From Rhui 6" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Server From Rhui 6" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0" | - |
Affected
| ||||||