Search This Blog

CVE-2012-2665: LibreOffice vulnerable to multiple Heap-based buffer overflows

CVE-2012-2665: Few weeks after releasing the LibreOffice 3.5.5, The Document Foundation has confirmed that security holes in earlier versions of the open source LibreOffice .

According to the security advisory,  Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of LibreOffice.

An attacker could create a specially-crafted file in the Open Document Format for Office Applications (ODF) format which when opened could cause arbitrary code execution.

Versions up to and including LibreOffice 3.5.4 are affected; Users are advised to upgrade your software to version 3.5.5 or 3.6.0.
Share it:

Application Vulnerability

Breaking News