Integer Overflow in vclmi.dll Module in OpenOffice.org and LibreOffice

Integer Overflow in vclmi.dll Module in OpenOffice.org and LibreOffice

CVE-2012-1149 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.

Learn more about our Cis Benchmark Audit For Microsoft Office.