Integer Overflow in vclmi.dll Module in OpenOffice.org and LibreOffice
CVE-2012-1149 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
Learn more about our Cis Benchmark Audit For Microsoft Office.