SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Application (Generic)  >   Apache OpenOffice Vendors:   Apache Software Foundation, OpenOffice.org
OpenOffice.org WordPerfect Library Memory Error Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1027069
SecurityTracker URL:  http://securitytracker.com/id/1027069
CVE Reference:   CVE-2012-2149   (Links to External Site)
Date:  May 16 2012
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 3.3 and 3.4 Beta; possibly earlier versions
Description:   A vulnerability was reported in OpenOffice.org. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted Wordperfect WPD-format document that, when loaded by the target user, will trigger a memory overwrite flaw and execute arbitrary code on the target system. The code will run with the privileges of the target user.

Kestutis Gudinavicius of SEC Consult Unternehmensberatung GmbH reported this vulnerability.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued a fix (3.4).

The vendor's advisory is available at:

http://www.openoffice.org/security/cves/CVE-2012-2149.html

Vendor URL:  www.openoffice.org/security/cves/CVE-2012-2149.html (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 26 2012 (Red Hat Issues Fix) OpenOffice.org WordPerfect Library Memory Error Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for libwpd for Red Hat Enterprise Linux 5.



 Source Message Contents

Subject:  CVE-2012-2149 OpenOffice.org memory overwrite vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CVE-2012-2149 OpenOffice.org memory overwrite vulnerability

Reference: http://www.openoffice.org/security/cves/CVE-2012-2149.html

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:

OpenOffice.org 3.3 and 3.4 Beta, on all platforms.
Earlier versions may be also affected.

Description:

Effected versions of OpenOffice.org use a customized libwpd that has a
memory overwrite vulnerability that could be exploited by a specially
crafted Wordperfect WPD-format document, potentially leading to
arbitrary-code execution at application user privilege level.

Mitigation

OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to
Apache OpenOffice 3.4, where WPD files are ignored. Users who are
unable to upgrade immediately should be cautious when opening
untrusted WPD documents.

Credits

The Apache OpenOffice Security Team acknowledges Kestutis Gudinavicius
of SEC Consult Unternehmensberatung GmbH as the discoverer of this flaw.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJPs8AeAAoJEGFAoYdHzLzHpw4P/3hRQxaIre8XARxy9JiT+HX3
xCFp+ksNHQBlCf7KUDhy0uz5KFzzrPHKoJCVTXBmMz2CErsIJs5rf4ePZhdj2V96
z87qKRojEbeWQGw1lIfXWnytnk1GpPoSb51vhu20J2g4K0IUCor8LTWisVeeVhFu
TlEaNLreQHn+0fVCdYnCWenWzFqJfWvxcUXi3OSysT7+fAacF63ZayuFhGT6WygP
QXdW8fwhwAnFvwcBU4aSVX0tEpbAvQoZGw4EwlU0Osz6DHhJmlH9BYtsvAGX0amh
6Ow/Rg8J1dOicX7W7+bGcgIeNkBalbbiKrMJ2l5SEBhOkFEi0vOJZwDBqceHDDvC
wXYXAIyLqjyd7uyBslnAPqAVoAt3s4ZpAEHKPXSOpWBe4U6idcFNSM2QOj+IEbic
BROlOFXhJnRi69bowISAXdm6bKX/hvFhu9YhbmEfOE2sczp2FfGZ27W80QAboFG+
tfT9a6KmA3pDeh9OPkxABmjhhisPHuP9oSuz0xOiGjcR2A/d7DCtnEQUeLzTV7WI
wtgrlqkJhezNs7JVDcCEm0qXxAUJVTx9KCYvHPFR3IiuKgZba9Keu88wZs9yd/9f
cKSHOSDj2SZ4f4J3lM+llF/z0zjP/hmaQJgKTNsiaO3xl5AzORXMVH25fn4s9UCk
685l8u67flHuv0Iq+m35
=6F6B
-----END PGP SIGNATURE-----
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC