{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2012-2334", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20120516 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0", "refsource" : "BUGTRAQ", "url" : "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html" }, { "name" : "[oss-security] 20120528 Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification", "refsource" : "MLIST", "url" : "http://www.openwall.com/lists/oss-security/2012/05/28/2" }, { "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=821803", "refsource" : "MISC", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=821803" }, { "name" : "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da", "refsource" : "CONFIRM", "url" : "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da" }, { "name" : "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e", "refsource" : "CONFIRM", "url" : "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e" }, { "name" : "http://www.libreoffice.org/advisories/cve-2012-2334/", "refsource" : "CONFIRM", "url" : "http://www.libreoffice.org/advisories/cve-2012-2334/" }, { "name" : "http://www.openoffice.org/security/cves/CVE-2012-2334.html", "refsource" : "CONFIRM", "url" : "http://www.openoffice.org/security/cves/CVE-2012-2334.html" }, { "name" : "DSA-2487", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2012/dsa-2487" }, { "name" : "FEDORA-2012-8114", "refsource" : "FEDORA", "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "name" : "GLSA-201408-19", "refsource" : "GENTOO", "url" : "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name" : "MDVSA-2012:090", "refsource" : "MANDRIVA", "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "name" : "MDVSA-2012:091", "refsource" : "MANDRIVA", "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "name" : "RHSA-2012:0705", "refsource" : "REDHAT", "url" : "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "name" : "53570", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/53570" }, { "name" : "82517", "refsource" : "OSVDB", "url" : "http://www.osvdb.org/82517" }, { "name" : "1027070", "refsource" : "SECTRACK", "url" : "http://securitytracker.com/id?1027070" }, { "name" : "46992", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/46992" }, { "name" : "47244", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/47244" }, { "name" : "49373", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/49373" }, { "name" : "49392", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/49392" }, { "name" : "60799", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/60799" }, { "name" : "openoffice-powerpoint-dos(75695)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695" } ] } }