Return-Path: X-Original-To: apmail-incubator-ooo-users-archive@minotaur.apache.org Delivered-To: apmail-incubator-ooo-users-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 69439D5A7 for ; Mon, 27 Aug 2012 21:03:08 +0000 (UTC) Received: (qmail 38584 invoked by uid 500); 27 Aug 2012 21:03:07 -0000 Delivered-To: apmail-incubator-ooo-users-archive@incubator.apache.org Received: (qmail 38404 invoked by uid 500); 27 Aug 2012 21:03:07 -0000 Mailing-List: contact ooo-users-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ooo-users@incubator.apache.org Delivered-To: mailing list ooo-users@incubator.apache.org Received: (qmail 38201 invoked by uid 99); 27 Aug 2012 21:03:07 -0000 Received: from minotaur.apache.org (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 Aug 2012 21:03:07 +0000 Received: from localhost (HELO mail-vc0-f175.google.com) (127.0.0.1) (smtp-auth username robweir, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 Aug 2012 21:03:07 +0000 Received: by vcbfy27 with SMTP id fy27so4887540vcb.6 for ; Mon, 27 Aug 2012 14:03:06 -0700 (PDT) MIME-Version: 1.0 Received: by 10.58.84.198 with SMTP id b6mr530926vez.10.1346101386138; Mon, 27 Aug 2012 14:03:06 -0700 (PDT) Received: by 10.220.197.78 with HTTP; Mon, 27 Aug 2012 14:03:06 -0700 (PDT) Date: Mon, 27 Aug 2012 17:03:06 -0400 Message-ID: Subject: CVE-2012-2665 Manifest-processing errors in Apache OpenOffice 3.4.0 From: Rob Weir To: ooo-dev@incubator.apache.org, ooo-users@incubator.apache.org Content-Type: text/plain; charset=UTF-8 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2012-2665 Manifest-processing errors in Apache OpenOffice 3.4.0 Reference: http://www.openoffice.org/security/cves/CVE-2012-2665.html Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 3.4.0, all languages, all platforms. Earlier versions of OpenOffice.org may be also affected. Description: When OpenOffice reads an ODF document, it first loads and processes an XML stream within the file called the manifest. Apache OpenOffice 3.4.0 has logic errors that allows a carefully crafted manifest to cause reads and writes beyond allocated buffers. No specific exploit has been demonstrated in this case, though such flaws generally are conducive to exploitation, possibly including denial of service and elevation of privilege. Mitigation OpenOffice users are advised to upgrade to Apache OpenOffice 3.4.1: http://www.openoffice.org/download/ Users who are unable to upgrade immediately should exercise caution when opening untrusted ODF documents. Credits The Apache OpenOffice Security Team acknowledges Timo Warns of PRESENSE Technologies GmbH as the discoverer of these flaws. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCgAGBQJQO9pNAAoJEGFAoYdHzLzHMTgP/RhtW9cIbb1YgNiQIjZgmhfd EfTDVsVa/mhSVwCcMF5oyJN1SYrscxK94NlcXOAhWZ/utPwCLev5Pv3BE8Y1gZ8Y LJoGtFaxbByzbixAOtOqAWR3b84QM2wjDgqd6Cf7Yio00Wgeqs4vrvAkwCCNKroa 7iOZfhw/3kV8spiMIYTESz+OIzZ09NOz9G36hFn3Yn5CHTcbO0sPE9hJGVhE8Y6Q 92plJKcAgXFv8hdjQwGeda8H40jQqv86/FbDtn9muMtJICozlHQyhdk26E3up0Yo IUnN522h4PJyq3zvs9GRbLPh6RS3zpMt82Sz6MG8lgKkKcGFxmjGHHQeFTh2QLd9 opghFYVtYjHdDnj9g5/iKEPkXxE//DXDtrfk/AP29WOMSupXwh5yq5blvpUmFODB FdfBxPyefRmYWarA1DN5IhnT17MjyHlrAX/wY6NJjurjsJWCKpbc2jeaNgmLMTDH IBiKWygALM7E2Qk/a3cRKCfFdsJxAQ15UMFNzTh6k4iXyWZpzDoBg+DPpN6GCHQy SyH8aOSjufuCyGk/yoS6d+NZcl91g3FSsvnP/8nuCsYex5GKVLR/ffXi4YIcKDQK 6Z2tgGLn6xadmj63hWb91GMvIfw1n9mJ9JXGn0gzhnr5xvix+JOGKKjW9tvV492S WCdOJJ8o6cV4lJqeIeGm =xMKS -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: ooo-users-unsubscribe@incubator.apache.org For additional commands, e-mail: ooo-users-help@incubator.apache.org