Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2012 Greenbone AGOPENVAS:1361412562310803084
HistoryDec 24, 2012 - 12:00 a.m.

LibreOffice Graphic Object Loading Buffer Overflow Vulnerability - Windows

2012-12-2400:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
24

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

LibreOffice is prone to a buffer overflow vulnerability.

# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.803084");
  script_version("2024-02-15T05:05:39+0000");
  script_cve_id("CVE-2012-1149");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:39 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"creation_date", value:"2012-12-24 16:32:25 +0530 (Mon, 24 Dec 2012)");
  script_name("LibreOffice Graphic Object Loading Buffer Overflow Vulnerability - Windows");
  script_xref(name:"URL", value:"http://secunia.com/advisories/47244");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/53570");
  script_xref(name:"URL", value:"http://www.libreoffice.org/advisories/cve-2012-1149");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("Buffer overflow");
  script_dependencies("gb_libreoffice_detect_portable_win.nasl");
  script_mandatory_keys("LibreOffice/Win/Ver");
  script_tag(name:"insight", value:"An integer overflow error within the vclmi.dll module when allocating memory
  for an embedded image object allows attacker to crash the application.");
  script_tag(name:"solution", value:"Upgrade to LibreOffice version 3.5.3 or later.");
  script_tag(name:"summary", value:"LibreOffice is prone to a buffer overflow vulnerability.");
  script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to cause a denial of
  service condition or execute arbitrary code.");
  script_tag(name:"affected", value:"LibreOffice version before 3.5.3 on Windows");
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

libreVer = get_kb_item("LibreOffice/Win/Ver");
if(!libreVer){
  exit(0);
}

if(version_is_less(version: libreVer, test_version:"3.5.3")){
  report = report_fixed_ver(installed_version:libreVer, fixed_version:"3.5.3");
  security_message(port:0, data:report);
}

Related

nessus 18
fedora 3
ubuntucve 1
nvd 1
debiancve 1
openvas 31
debian 5
prion 1
securityvulns 2
cvelist 1
cve 1
oraclelinux 1
centos 1
osv 1
redhat 1
ubuntu 2
gentoo 2
nessus
nessus
Fedora 16 : libreoffice-3.4.5.2-15.fc16 (2012-8042)
2012-05-29 00:00:00
Debian DSA-2473-1 : openoffice.org - buffer overflow
2012-05-17 00:00:00
Fedora 15 : libreoffice-3.3.4.1-5.fc15 (2012-8114)
2012-06-14 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libreoffice-3.4.5.2-15.fc16
2012-05-27 01:58:33
[SECURITY] Fedora 16 Update: libreoffice-3.4.5.2-18.fc16
2012-08-10 22:37:08
[SECURITY] Fedora 15 Update: libreoffice-3.3.4.1-5.fc15
2012-06-13 21:28:52
ubuntucve
ubuntucve
CVE-2012-1149
2012-06-21 00:00:00
nvd
nvd
CVE-2012-1149
2012-06-21 15:55:11
debiancve
debiancve
CVE-2012-1149
2012-06-21 15:55:11
openvas
openvas
LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X)
2012-12-24 00:00:00
Debian: Security Advisory (DSA-2473-1)
2012-05-31 00:00:00
LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Windows)
2012-12-24 00:00:00
debian
debian
[SECURITY] [DSA 2473-1] openoffice.org security update
2012-05-16 22:04:38
[BSA-074] Security update for libreoffice
2012-06-12 22:53:41
[BSA 076] Security update for libreoffice
2012-08-23 10:51:07
prion
prion
Integer overflow
2012-06-21 15:55:00
securityvulns
securityvulns
CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object
2012-05-21 00:00:00
OpenOffice multiple security vulnerabilities
2012-05-21 00:00:00
cvelist
cvelist
CVE-2012-1149
2012-06-21 15:00:00
cve
cve
CVE-2012-1149
2012-06-21 15:55:11
oraclelinux
oraclelinux
openoffice.org security update
2012-06-05 00:00:00
centos
centos
autocorr, broffice.org, openoffice.org security update
2012-06-05 10:03:16
osv
osv
openoffice.org - buffer overflow
2012-06-07 00:00:00
redhat
redhat
(RHSA-2012:0705) Important: openoffice.org security update
2012-06-04 00:00:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2012-07-02 00:00:00
OpenOffice.org vulnerabilities
2012-07-02 00:00:00
gentoo
gentoo
LibreOffice: Multiple vulnerabilities
2012-09-24 00:00:00
OpenOffice, LibreOffice: Multiple vulnerabilities
2014-08-31 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON
Related for OPENVAS:1361412562310803084
nessus18fedora3ubuntucve1nvd1debiancve1openvas31debian5prion1securityvulns2cvelist1cve1oraclelinux1centos1osv1redhat1ubuntu2gentoo2