7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.079 Low
EPSS
Percentile
94.3%
CentOS Errata and Security Advisory CESA-2012:1135
LibreOffice is an open source, community-developed office productivity
suite. It includes the key desktop applications, such as a word processor,
spreadsheet application, presentation manager, formula editor, and a
drawing program.
Multiple heap-based buffer overflow flaws were found in the way LibreOffice
processed encryption information in the manifest files of OpenDocument
Format files. An attacker could provide a specially-crafted OpenDocument
Format file that, when opened in a LibreOffice application, would cause the
application to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2012-2665)
Upstream acknowledges Timo Warns as the original reporter of these issues.
All LibreOffice users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. All running
instances of LibreOffice applications must be restarted for this update to
take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2012-August/080943.html
Affected packages:
autocorr-af
autocorr-bg
autocorr-cs
autocorr-da
autocorr-de
autocorr-en
autocorr-es
autocorr-eu
autocorr-fa
autocorr-fi
autocorr-fr
autocorr-ga
autocorr-hr
autocorr-hu
autocorr-it
autocorr-ja
autocorr-ko
autocorr-lb
autocorr-lt
autocorr-mn
autocorr-nl
autocorr-pl
autocorr-pt
autocorr-ru
autocorr-sk
autocorr-sl
autocorr-sr
autocorr-sv
autocorr-tr
autocorr-vi
autocorr-zh
libreoffice
libreoffice-base
libreoffice-bsh
libreoffice-calc
libreoffice-core
libreoffice-draw
libreoffice-emailmerge
libreoffice-gdb-debug-support
libreoffice-graphicfilter
libreoffice-headless
libreoffice-impress
libreoffice-javafilter
libreoffice-langpack-af
libreoffice-langpack-ar
libreoffice-langpack-as
libreoffice-langpack-bg
libreoffice-langpack-bn
libreoffice-langpack-ca
libreoffice-langpack-cs
libreoffice-langpack-cy
libreoffice-langpack-da
libreoffice-langpack-de
libreoffice-langpack-dz
libreoffice-langpack-el
libreoffice-langpack-en
libreoffice-langpack-es
libreoffice-langpack-et
libreoffice-langpack-eu
libreoffice-langpack-fi
libreoffice-langpack-fr
libreoffice-langpack-ga
libreoffice-langpack-gl
libreoffice-langpack-gu
libreoffice-langpack-he
libreoffice-langpack-hi
libreoffice-langpack-hr
libreoffice-langpack-hu
libreoffice-langpack-it
libreoffice-langpack-ja
libreoffice-langpack-kn
libreoffice-langpack-ko
libreoffice-langpack-lt
libreoffice-langpack-mai
libreoffice-langpack-ml
libreoffice-langpack-mr
libreoffice-langpack-ms
libreoffice-langpack-nb
libreoffice-langpack-nl
libreoffice-langpack-nn
libreoffice-langpack-nr
libreoffice-langpack-nso
libreoffice-langpack-or
libreoffice-langpack-pa
libreoffice-langpack-pl
libreoffice-langpack-pt-BR
libreoffice-langpack-pt-PT
libreoffice-langpack-ro
libreoffice-langpack-ru
libreoffice-langpack-sk
libreoffice-langpack-sl
libreoffice-langpack-sr
libreoffice-langpack-ss
libreoffice-langpack-st
libreoffice-langpack-sv
libreoffice-langpack-ta
libreoffice-langpack-te
libreoffice-langpack-th
libreoffice-langpack-tn
libreoffice-langpack-tr
libreoffice-langpack-ts
libreoffice-langpack-uk
libreoffice-langpack-ur
libreoffice-langpack-ve
libreoffice-langpack-xh
libreoffice-langpack-zh-Hans
libreoffice-langpack-zh-Hant
libreoffice-langpack-zu
libreoffice-math
libreoffice-ogltrans
libreoffice-opensymbol-fonts
libreoffice-pdfimport
libreoffice-presentation-minimizer
libreoffice-presenter-screen
libreoffice-pyuno
libreoffice-report-builder
libreoffice-rhino
libreoffice-sdk
libreoffice-sdk-doc
libreoffice-testtools
libreoffice-ure
libreoffice-wiki-publisher
libreoffice-writer
libreoffice-xsltfilter
Upstream details at:
https://access.redhat.com/errata/RHSA-2012:1135
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | noarch | autocorr-af | < 3.4.5.2-16.1.el6_3 | autocorr-af-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-bg | < 3.4.5.2-16.1.el6_3 | autocorr-bg-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-cs | < 3.4.5.2-16.1.el6_3 | autocorr-cs-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-da | < 3.4.5.2-16.1.el6_3 | autocorr-da-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-de | < 3.4.5.2-16.1.el6_3 | autocorr-de-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-en | < 3.4.5.2-16.1.el6_3 | autocorr-en-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-es | < 3.4.5.2-16.1.el6_3 | autocorr-es-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-eu | < 3.4.5.2-16.1.el6_3 | autocorr-eu-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-fa | < 3.4.5.2-16.1.el6_3 | autocorr-fa-3.4.5.2-16.1.el6_3.noarch.rpm |
CentOS | 6 | noarch | autocorr-fi | < 3.4.5.2-16.1.el6_3 | autocorr-fi-3.4.5.2-16.1.el6_3.noarch.rpm |