cpe:/a:apache:openoffice.org:3.3.0 cpe:/a:apache:openoffice.org:3.4:beta cpe:/a:libreoffice:libreoffice:3.5.2 cpe:/o:debian:debian_linux:6.0 cpe:/o:debian:debian_linux:7.0 cpe:/o:fedoraproject:fedora:15 cpe:/o:fedoraproject:fedora:16 cpe:/o:redhat:enterprise_linux:5.0 cpe:/o:redhat:enterprise_linux_desktop:5.0 cpe:/o:redhat:enterprise_linux_desktop:6.0 cpe:/o:redhat:enterprise_linux_server:6.0 cpe:/o:redhat:enterprise_linux_server_aus:6.2 cpe:/o:redhat:enterprise_linux_server_eus:6.2.z cpe:/o:redhat:enterprise_linux_workstation:6.0 CVE-2012-1149 2012-06-21T11:55:11.537-04:00 2017-08-28T21:31:13.180-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2016-08-30T13:29:59.997-04:00 SECTRACK 1027068 BUGTRAQ 20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object SECUNIA 46992 SECUNIA 47244 SECUNIA 49140 SECUNIA 49373 SECUNIA 49392 SECUNIA 50692 BID 53570 SECUNIA 60799 OSVDB 81988 DEBIAN DSA-2473 DEBIAN DSA-2487 FEDORA FEDORA-2012-8042 FEDORA FEDORA-2012-8114 GENTOO GLSA-201209-05 GENTOO GLSA-201408-19 MANDRIVA MDVSA-2012:090 MANDRIVA MDVSA-2012:091 REDHAT RHSA-2012:0705 CONFIRM http://www.libreoffice.org/advisories/cve-2012-1149 / CONFIRM http://www.libreoffice.org/advisories/cve-2012-1149/ CONFIRM http://www.openoffice.org/security/cves/CVE-2012-1149.html XF openoffice-vclmi-bo(75692) Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.