CVE-2012-2665

Naslov: CVE-2012-2665: Več prekoračitev medpomnilnika na osnovi kopice v kodi, ki obravnava šifriranje manifesta XML

Objavljeno: 1. avgust 2012

Popravljeno v: LibreOffice 3.5.5/3.6.0

Izvirni opis:
Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of LibreOffice. An attacker could create a specially-crafted file in the Open Document Format for Office Applications (ODF) format which when opened could cause arbitrary code execution.

Thanks to Timo Warns of PRE-CERT for reporting this flaw. Users are recommended to upgrade to 3.5.5 or 3.6.0 to avoid this flaw

Viri:

PRE-CERT