[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAP-ksoiMhOT+qHo2i6bgM6s_s0Mf5aUwoYBbUybPdJaR07yjqA@mail.gmail.com>
Date: Mon, 27 Aug 2012 17:01:41 -0400
From: Rob Weir <robweir@...che.org>
To: security@...che.org
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: CVE-2012-2665 Manifest-processing errors in
Apache OpenOffice 3.4.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
CVE-2012-2665 Manifest-processing errors in Apache OpenOffice 3.4.0
Reference: http://www.openoffice.org/security/cves/CVE-2012-2665.html
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache OpenOffice 3.4.0, all languages, all platforms.
Earlier versions of OpenOffice.org may be also affected.
Description:
When OpenOffice reads an ODF document, it first loads and processes
an XML stream within the file called the manifest. Apache OpenOffice
3.4.0 has logic errors that allows a carefully crafted manifest to
cause reads and writes beyond allocated buffers.
No specific exploit has been demonstrated in this case, though such
flaws generally are conducive to exploitation, possibly including
denial of service and elevation of privilege.
Mitigation
OpenOffice users are advised to upgrade to Apache OpenOffice 3.4.1:
http://www.openoffice.org/download/
Users who are unable to upgrade immediately should exercise caution
when opening untrusted ODF documents.
Credits
The Apache OpenOffice Security Team acknowledges Timo Warns of
PRESENSE Technologies GmbH as the discoverer of these flaws.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJQO9pNAAoJEGFAoYdHzLzHMTgP/RhtW9cIbb1YgNiQIjZgmhfd
EfTDVsVa/mhSVwCcMF5oyJN1SYrscxK94NlcXOAhWZ/utPwCLev5Pv3BE8Y1gZ8Y
LJoGtFaxbByzbixAOtOqAWR3b84QM2wjDgqd6Cf7Yio00Wgeqs4vrvAkwCCNKroa
7iOZfhw/3kV8spiMIYTESz+OIzZ09NOz9G36hFn3Yn5CHTcbO0sPE9hJGVhE8Y6Q
92plJKcAgXFv8hdjQwGeda8H40jQqv86/FbDtn9muMtJICozlHQyhdk26E3up0Yo
IUnN522h4PJyq3zvs9GRbLPh6RS3zpMt82Sz6MG8lgKkKcGFxmjGHHQeFTh2QLd9
opghFYVtYjHdDnj9g5/iKEPkXxE//DXDtrfk/AP29WOMSupXwh5yq5blvpUmFODB
FdfBxPyefRmYWarA1DN5IhnT17MjyHlrAX/wY6NJjurjsJWCKpbc2jeaNgmLMTDH
IBiKWygALM7E2Qk/a3cRKCfFdsJxAQ15UMFNzTh6k4iXyWZpzDoBg+DPpN6GCHQy
SyH8aOSjufuCyGk/yoS6d+NZcl91g3FSsvnP/8nuCsYex5GKVLR/ffXi4YIcKDQK
6Z2tgGLn6xadmj63hWb91GMvIfw1n9mJ9JXGn0gzhnr5xvix+JOGKKjW9tvV492S
WCdOJJ8o6cV4lJqeIeGm
=xMKS
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists