CVE-2012-3455
Published: 9 August 2012
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.
Priority
Status
Package | Release | Status |
---|---|---|
koffice Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
natty |
Released
(1:2.3.3-0ubuntu4.1)
|
|
oneiric |
Released
(1:2.3.3-0ubuntu6.1)
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
wv2 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Not vulnerable
(0.4.2.dfsg.1-9.1)
|
|
raring |
Not vulnerable
(0.4.2.dfsg.1-9.1)
|
|
saucy |
Not vulnerable
(0.4.2.dfsg.1-9.1)
|
|
trusty |
Does not exist
(trusty was not-affected [0.4.2.dfsg.1-9.1])
|
|
upstream |
Released
(0.4.2.dfsg.1-9.1)
|
|
utopic |
Not vulnerable
(0.4.2.dfsg.1-9.1)
|
|
vivid |
Not vulnerable
(0.4.2.dfsg.1-9.1)
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|