Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
2012-06-21T15:55:11.537
2025-04-11T00:51:21.963
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | libreoffice | libreoffice | ≤ 3.5.2 | Yes |
| Operating System | debian | debian_linux | 6.0 | Yes |
| Operating System | debian | debian_linux | 7.0 | Yes |
| Operating System | redhat | enterprise_linux | 5.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 5.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_server | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 6.2 | Yes |
| Operating System | redhat | enterprise_linux_server_eus | 6.2.z | Yes |
| Operating System | redhat | enterprise_linux_workstation | 6.0 | Yes |
| Application | apache | openoffice.org | 3.3.0 | Yes |
| Application | apache | openoffice.org | 3.4 | Yes |
| Operating System | fedoraproject | fedora | 15 | Yes |
| Operating System | fedoraproject | fedora | 16 | Yes |