Lucene search

[email protected]CVE-2011-2685

HistoryJul 21, 2011 - 11:55 p.m.

CVE-2011-2685

2011-07-2123:55:03

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-2685

buffer overflow

lotus word pro

libreoffice

security vulnerability

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.124 Low

EPSS

Percentile

95.4%

JSON

Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.

Affected configurations

NVD

Node

libreofficelibreofficeRange≤3.3.2

libreofficelibreofficeMatch3.3.0

libreofficelibreofficeMatch3.3.1

CPENameOperatorVersion
libreoffice:libreofficelibreofficele3.3.2
libreoffice:libreofficelibreofficeeq3.3.0
libreoffice:libreofficelibreofficeeq3.3.1

CPE	Name	Operator	Version
libreoffice:libreoffice	libreoffice	le	3.3.2
libreoffice:libreoffice	libreoffice	eq	3.3.0
libreoffice:libreoffice	libreoffice	eq	3.3.1

References

cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d

cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877

lists.opensuse.org/opensuse-updates/2011-10/msg00019.html

www.kb.cert.org/vuls/id/953183

www.mandriva.com/security/advisories?name=MDVSA-2011:172

www.openwall.com/lists/oss-security/2011/07/06/13

www.openwall.com/lists/oss-security/2011/07/12/13

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.124 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2011-2685

openvas8 cvelist1 nvd1 debiancve1 cert1 nessus8 prion1 ubuntucve1 ubuntu1