LibreOffice < 3.5.3 Multiple Memory Corruption Vulnerabilities

high Nessus Plugin ID 59180

Synopsis

The remote host contains an application affected by multiple memory corruption vulnerabilities.

Description

A version of LibreOffice prior to 3.5.3 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple memory corruption vulnerabilities :

- An integer overflow vulnerability exists in the graphics object loading code that could allow a remote attacker to execute arbitrary code or cause an application crash. (CVE-2012-1149)

- A denial of service vulnerability exists in the PowerPoint presentation import code. (CVE-2012-2334)

- A memory corruption vulnerability in the code for handling .RTF files.

Solution

Upgrade to LibreOffice version 3.5.3 or greater.

See Also

http://shinnai.altervista.org/exploits/SH-016-20120416.html

http://www.nessus.org/u?79f70016

Plugin Details

Severity: High

ID: 59180

File Name: libreoffice_353.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 5/17/2012

Updated: 12/4/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2012-1149

Vulnerability Information

CPE: cpe:/a:libreoffice:libreoffice

Required KB Items: SMB/LibreOffice/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 5/2/2012

Vulnerability Publication Date: 4/16/2012

Reference Information

CVE: CVE-2012-1149, CVE-2012-2334

BID: 53142, 53570