CVE-2012-0037

Naslov: CVE-2012-0037: Napaka razširjanja entitete XML pri obdelavi datoteke RDF

Objavljeno: 22. marec 2012

Popravljeno v: LibreOffice 3.4.6/3.5.1

Izvirni opis:
An XML Entity Expansion flaw was found in the way embedded Raptor library processed certain RDF and other XML-based format files. An attacker could create a specially-crafted file in an affected LibreOffice format which when opened could cause arbitrary code execution or local file inclusion.

Thanks to Timothy D. Morgan of VSR for reporting this flaw. Users are recommended to upgrade to 3.4.6 or 3.5.1 to avoid this flaw

Viri: