LibreOffice < 3.5.3 Multiple Memory Corruption Vulnerabilities
High Nessus Plugin ID 59180
SynopsisThe remote host contains an application affected by multiple memory corruption vulnerabilities.
DescriptionA version of LibreOffice prior to 3.5.3 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple memory corruption vulnerabilities :
- An integer overflow vulnerability exists in the graphics object loading code that could allow a remote attacker to execute arbitrary code or cause an application crash. (CVE-2012-1149)
- A denial of service vulnerability exists in the PowerPoint presentation import code. (CVE-2012-2334)
- A memory corruption vulnerability in the code for handling .RTF files.
SolutionUpgrade to LibreOffice version 3.5.3 or greater.