CVE-2012-1149 (retired)

Priority
Description
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4
Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote
attackers to cause a denial of service (application crash) and possibly
execute arbitrary code via a crafted embedded image object, as demonstrated
by a JPEG image in a .DOC file, which triggers a heap-based buffer
overflow.
Assigned-to
jdstrand
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Patches:
Vendor:http://www.debian.org/security/2012/dsa-2473
Vendor:http://www.debian.org/security/2012/dsa-2487
More Information

Updated: 2019-03-26 12:01:07 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)