Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2685

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-2685
Last Modified 18 Jan 2012 10:58:32
Published 21 Jul 2011 07:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2685

Summary

Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.

Vulnerable Systems

Application

  • Libreoffice 3.3.0

  • Libreoffice 3.3.1

  • Libreoffice 3.3.2


References

CERT-VN - VU#953183

MISC - http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877

MISC - http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d

MLIST - [oss-security] 20110712 Re: libreoffice/openoffice.org CVE id request

MLIST - [oss-security] 20110706 libreoffice/openoffice.org CVE id request

SUSE - openSUSE-SU-2011:1143

MANDRIVA - MDVSA-2011:172

Related Patches

Novell SUSE 2011:5271 libreoffice-34 security update for SLE 11 SP1 i586


Last Updated: 27 May 2016 10:56:26