Apache OpenOffice < 3.4.0 Multiple Memory Corruption Vulnerabilities

High Nessus Plugin ID 59191


The remote Windows host has a program affected by multiple memory corruption vulnerabilities.


The version of Apache OpenOffice installed on the remote host is prior to 3.4.0. It is, therefore, affected by several memory corruption issues :

- An integer overflow error exists in 'vclmi.dll' that could allow heap-based buffer overflows when handling embedded image objects. (CVE-2012-1149)

- A memory overwrite error exists in 'libwpd' that could be triggered when processing WordPerfect documents. This memory overwrite may lead to arbitrary code execution.

- Memory checking errors exist in 'filter/source/msfilter msdffimp.cxx' that could be triggered when processing PowerPoint graphics records.
These errors could allow denial of service attacks.


Upgrade to Apache OpenOffice version 3.4.0 or later.

See Also






Plugin Details

Severity: High

ID: 59191

File Name: openoffice_34.nasl

Version: 1.12

Type: local

Agent: windows

Family: Windows

Published: 2012/05/18

Updated: 2019/12/04

Dependencies: 25551

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2012-2149

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:apache:openoffice

Required KB Items: SMB/OpenOffice/Build

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/05/08

Vulnerability Publication Date: 2011/05/16

Reference Information

CVE: CVE-2012-1149, CVE-2012-2149, CVE-2012-2334

BID: 53570