CVE-2011-2713

Currently unrated

Key Information:

Vendor: Oracle
Status: Openoffice.org; Libreoffice
Vendor: CVE Published:; 21 October 2011

Summary

oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.

References

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://lists.opensuse.org/opensuse-updates/2011-10/msg000...

vendor-advisoryx_refsource_SUSE

http://www.securityfocus.com/bid/49969

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 21, 2011
Vulnerability Reserved
Jul 11, 2011