CVE-2012-2334
Naslov: CVE-2012-2334: Napaka celoštevilske prekoračitve pri napačno zapisanih datotekah PPT
Objavljeno: 16. maj 2012
Posodobljeno: 29. maj 2012
Popravljeno v: LibreOffice 3.5.3
Izvirni opis:
An integer overflow flaw, leading to buffer overflow, was found in the way LibreOffice processed invalid Escher graphics records length in PowerPoint documents. An attacker could provide a specially-crafted PowerPoint document that, when opened, would cause LibreOffice to crash or, potentially, execute arbitrary code with the privileges of the user running LibreOffice.
Thanks to Sven Jacobi for reporting the initial flaw. Thanks to Florian Weimer, Red Hat Product Security Team, for identifying the possibility integer overflow. Users are recommended to upgrade to 3.5.3 to avoid this flaw
Viri:
Sledite nam