The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1043 advisory.

  - libwpd: Memory overwrite flaw by processing certain WordPerfect (WPD) documents (CVE-2012-2149)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Updated libwpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

libwpd is a library for reading and converting Corel WordPerfect Office documents.

A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents (.wpd files). An attacker could provide a specially crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2149)

All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.

Fix arbitrary code execution by remote attackers via crafted Wordperfect .WPD documents.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Apache OpenOffice installed on the remote host is prior to 3.4.0. It is, therefore, affected by several memory corruption issues :

  - An integer overflow error exists in 'vclmi.dll' that     could allow heap-based buffer overflows when handling     embedded image objects. (CVE-2012-1149)

  - A memory overwrite error exists in 'libwpd' that could     be triggered when processing WordPerfect documents. This     memory overwrite may lead to arbitrary code execution.
    (CVE-2012-2149)

  - Memory checking errors exist in     'filter/source/msfilter msdffimp.cxx' that could be     triggered when processing PowerPoint graphics records.
    These errors could allow denial of service attacks.
    (CVE-2012-2334)

libwpd is a library for reading and converting Corel WordPerfect Office documents.

A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents (.wpd files). An attacker could provide a specially crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2149)

All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.

The remote host is affected by the vulnerability described in GLSA-201408-19 (OpenOffice, LibreOffice: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in OpenOffice and       Libreoffice. Please review the CVE identifiers referenced below for       details.
  Impact :

    A remote attacker could entice a user to open a specially crafted file       using OpenOffice, possibly resulting in execution of arbitrary code with       the privileges of the process, a Denial of Service condition, execution       of arbitrary Python code, authentication bypass, or reading and writing       of arbitrary files.
  Workaround :

    There is no known workaround at this time.

ID	Name	Product	Family	Published	Updated	Severity
59721	RHEL 5 : libwpd (RHSA-2012:1043)	Nessus	Red Hat Local Security Checks	6/27/2012	4/27/2024	high
59737	CentOS 5 : libwpd (CESA-2012:1043)	Nessus	CentOS Local Security Checks	6/28/2012	1/4/2021	high
82191	Debian DLA-44-1 : libwpd security update	Nessus	Debian Local Security Checks	3/26/2015	1/11/2021	high
59191	Apache OpenOffice < 3.4.0 Multiple Memory Corruption Vulnerabilities	Nessus	Windows	5/18/2012	12/4/2019	high
61355	Scientific Linux Security Update : libwpd on SL5.x i386/x86_64 (20120626)	Nessus	Scientific Linux Local Security Checks	8/1/2012	1/14/2021	high
77467	GLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	9/1/2014	1/6/2021	critical

Detections

Analytics

Plugins Search

high

high

high

high

high

critical