CVE-2012-1149

OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:

• OpenOffice.org 3.3 and 3.4 Beta, on all platforms.
• Earlier versions may be also affected.

Description:

The vulnerability is caused due to an integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. This can be exploited to cause a heap-based buffer overflow via, for example using a specially crafted JPEG object within a DOC file.

Mitigation

OpenOffice.org 3.3.0 and 3.4 beta users are advised to upgrade to Apache OpenOffice 3.4. Users who are unable to upgrade immediately should be cautious when opening untrusted documents.

Credits

The Apache OpenOffice Security Team credits Tielei Wang via Secunia SVCRP as the discoverer of this flaw.

---

Security Home -> Bulletin -> CVE-2012-1149