LibreOffice < 3.5.3 Multiple Memory Corruption Vulnerabilities

High Nessus Plugin ID 59180

Synopsis

The remote host contains an application affected by multiple memory corruption vulnerabilities.

Description

A version of LibreOffice prior to 3.5.3 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple memory corruption vulnerabilities :

- An integer overflow vulnerability exists in the graphics object loading code that could allow a remote attacker to execute arbitrary code or cause an application crash. (CVE-2012-1149)

- A denial of service vulnerability exists in the PowerPoint presentation import code. (CVE-2012-2334)

- A memory corruption vulnerability in the code for handling .RTF files.

Solution

Upgrade to LibreOffice version 3.5.3 or greater.

See Also

http://shinnai.altervista.org/exploits/SH-016-20120416.html

http://www.nessus.org/u?79f70016

Plugin Details

Severity: High

ID: 59180

File Name: libreoffice_353.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 2012/05/17

Updated: 2019/12/04

Dependencies: 55573

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2012-1149

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:libreoffice:libreoffice

Required KB Items: SMB/LibreOffice/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/05/02

Vulnerability Publication Date: 2012/04/16

Reference Information

CVE: CVE-2012-1149, CVE-2012-2334

BID: 53142, 53570

EDB-ID: 18754