Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2012-2149
Deferred
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-21 Jun, 2012 | 15:55
Updated At-11 Apr, 2025 | 00:51

The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Red Hat, Inc.
redhat
>>enterprise_linux__optional_productivity_applications>>*
cpe:2.3:a:redhat:enterprise_linux__optional_productivity_applications:*:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>5.0
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>openoffice.org>>Versions up to 3.4(inclusive)
cpe:2.3:a:apache:openoffice.org:*:beta_1:*:*:*:*:*:*
The Apache Software Foundation
apache
>>openoffice.org>>3.3
cpe:2.3:a:apache:openoffice.org:3.3:*:*:*:*:*:*:*
libwpd
libwpd
>>libwpd>>0.8.8
cpe:2.3:a:libwpd:libwpd:0.8.8:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.htmlsecalert@redhat.com
N/A
http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.htmlsecalert@redhat.com
Exploit
Third Party Advisory
VDB Entry
http://rhn.redhat.com/errata/RHSA-2012-1043.htmlsecalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/46992secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/60799secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xmlsecalert@redhat.com
N/A
http://www.openoffice.org/security/cves/CVE-2012-2149.htmlsecalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/bid/53570secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1027069secalert@redhat.com
Third Party Advisory
VDB Entry
https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txtsecalert@redhat.com
Exploit
http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
http://rhn.redhat.com/errata/RHSA-2012-1043.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/46992af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/60799af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openoffice.org/security/cves/CVE-2012-2149.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/53570af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1027069af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html
Source: secalert@redhat.com
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1043.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/46992
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/60799
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openoffice.org/security/cves/CVE-2012-2149.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/53570
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1027069
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://packetstormsecurity.org/files/112862/libwpd-WPXContentListener-_closeTableRow-Memory-Overwrite.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1043.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/46992
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/60799
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openoffice.org/security/cves/CVE-2012-2149.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/53570
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1027069
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.sec-consult.com/files/20120518-0_openoffice_memory_overwrite.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Change History
0Changes found
Details not found