Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2713

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2713
Last Modified 24 Oct 2014 02:19:14
Published 21 Oct 2011 02:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2713

Summary

oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.

Vulnerable Systems

Application

  • Libreoffice 3.3.0

  • Libreoffice 3.3.1

  • Libreoffice 3.3.2

  • Libreoffice 3.3.3

  • Libreoffice 3.3.4

  • Libreoffice 3.4.0

  • Libreoffice 3.4.1

  • Libreoffice 3.4.2

  • Sun Openoffice.org 3.3.0


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=725668

FEDORA - FEDORA-2011-14049

SECTRACK - 1026145

BID - 49969

CONFIRM - http://www.libreoffice.org/advisories/CVE-2011-2713/

DEBIAN - DSA-2315

OSVDB - 76178

SUSE - openSUSE-SU-2011:1143

FEDORA - FEDORA-2011-14036

MANDRIVA - MDVSA-2011:172

GENTOO - GLSA-201209-05

SECUNIA - 50692

GENTOO - GLSA-201408-19

SECUNIA - 60799

Related Patches

Novell SUSE 2011:5271 libreoffice-34 security update for SLE 11 SP1 i586


Last Updated: 27 May 2016 10:57:21