Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3456


Vulnerability Score 7.5 7.5
CVE Id CVE-2012-3456
Last Modified 29 Jan 2013 11:52:33
Published 20 Aug 2012 02:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in Calligra 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3455, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.

Vulnerable Systems


  • Calligra 2.4

  • Calligra 2.4.1

  • Calligra 2.4.2

  • Calligra 2.4.3


XF - calligra-styles-bo(77482)

BID - 54816

MLIST - [oss-security] 20120810 Re: CVE request for Calligra

MLIST - [oss-security] 20120806 Re: CVE request for Calligra

MLIST - [oss-security] 20120805 Re: CVE request for Calligra

MLIST - [oss-security] 20120804 Re: CVE request for Calligra

MLIST - [oss-security] 20120804 CVE request for Calligra


SECUNIA - 50050


UBUNTU - USN-1525-1

SUSE - openSUSE-SU-2012:1061

Last Updated: 27 May 2016 11:00:32