CVE-2012-1149
Published: 21 June 2012
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
Priority
Status
References
- http://www.openoffice.org/security/cves/CVE-2012-1149.html
- http://www.libreoffice.org/advisories/cve-2012-1149/
- http://nabble.documentfoundation.org/CVE-2012-1149-Is-there-a-patch-td3985567.html
- https://ubuntu.com/security/notices/USN-1496-1
- https://ubuntu.com/security/notices/USN-1495-1
- https://www.cve.org/CVERecord?id=CVE-2012-1149
- NVD
- Launchpad
- Debian