Release date:
Updated on:
Affected Systems:
OpenOffice 3.x
OpenOffice 2.x
OpenOffice 1.1.x
Libreoffice 3.5.x
Libreoffice 3.3.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 54769
Cve id: CVE-2012-2665
LibreOffice is a suite that can be executed on various platforms and is compatible with other major office software. OpenOffice was originally Sun's commercial Office software-StarOffice. After Sun's public code, it was officially named OpenOffice development plan.
Multiple heap buffer overflow vulnerabilities exist in LibreOffice and OpenOffice. Attackers can exploit these vulnerabilities to execute arbitrary code on the affected machines.
<* Source: Jan Lieskovsky (jlieskov@RedHat.com)
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
OpenOffice
----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.openoffice.org/
Libreoffice
-----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.libreoffice.org/