Информационная безопасность
[RU] switch to English


Выполнение кода в KOffice / Calligra
Опубликовано:13 августа 2012 г.
Источник:
SecurityVulns ID:12502
Тип:локальная
Уровень опасности:
5/10
Описание:Выполнение кода при открытии документа MS Word.
Затронутые продукты:KDE : KOffice 2.3
 CALLIGRA : Calligra 2.4
CVE:CVE-2012-3456 (Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in Calligra 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3455, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.)
 CVE-2012-3455 (Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.)
Оригинальный текстdocumentUBUNTU, [USN-1526-1] KOffice vulnerability (13.08.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород