CVE-2011-2685

Related Files

Ubuntu Security Notice USN-1496-1

Posted Jul 3, 2012

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1496-1 - A stack-based buffer overflow was discovered in the Lotus Word Pro import filter in OpenOffice.org. The default compiler options for affected releases should reduce the vulnerability to a denial of service. Huzaifa Sidhpurwala discovered that OpenOffice.org could be made to crash if it opened a specially crafted Word document. Integer overflows were discovered in the graphics loading code of several different image types. If a user were tricked into opening a specially crafted file, an attacker could cause OpenOffice.org to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary

systems | linux, ubuntu

advisories | CVE-2011-2685, CVE-2011-2713, CVE-2012-1149, CVE-2012-2334, CVE-2011-2685, CVE-2011-2713, CVE-2012-1149, CVE-2012-2334

SHA-256 | 6d337c7be5b6468659a8a20b6abfe0b12aceb6daf7137e5e7fc42af784c51ab0

Download | Favorite | View

Mandriva Linux Security Advisory 2011-172

Posted Nov 12, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-172 - Multiple vulnerabilities has been discovered and corrected in libreoffice. Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted.lwp file. oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2011-2685, CVE-2011-2713

SHA-256 | 4fd81df2fa0142fdec47f52a8a168c1a357a0b84ccca8a96b9d1c47d50f2c6b8

Download | Favorite | View