cpe:/a:libreoffice:libreoffice:3.5.:rc1 cpe:/a:libreoffice:libreoffice:3.5.0 cpe:/a:libreoffice:libreoffice:3.5.0:rc1 cpe:/a:libreoffice:libreoffice:3.5.0:rc2 cpe:/a:libreoffice:libreoffice:3.5.0:rc3 cpe:/a:libreoffice:libreoffice:3.5.1 cpe:/a:libreoffice:libreoffice:3.5.1:rc1 cpe:/a:libreoffice:libreoffice:3.5.1:rc2 cpe:/a:libreoffice:libreoffice:3.5.2 cpe:/a:libreoffice:libreoffice:3.5.2:rc1 cpe:/a:libreoffice:libreoffice:3.5.2:rc2 cpe:/a:libreoffice:libreoffice:3.5.3 cpe:/a:libreoffice:libreoffice:3.5.3:rc1 cpe:/a:libreoffice:libreoffice:3.5.3:rc2 cpe:/a:libreoffice:libreoffice:3.5.4 cpe:/a:libreoffice:libreoffice:3.5.4:rc2 cpe:/a:sun:openoffice.org CVE-2012-2665 2012-08-06T14:55:01.133-04:00 2014-11-13T22:00:43.233-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2012-08-07T16:25:00.000-04:00 SECTRACK 1027331 SECTRACK 1027332 SECUNIA 50142 SECUNIA 50146 SECUNIA 50692 BID 54769 SECUNIA 60799 DEBIAN DSA-2520 GENTOO GLSA-201209-05 GENTOO GLSA-201408-19 REDHAT RHSA-2012:1135 UBUNTU USN-1536-1 UBUNTU USN-1537-1 CONFIRM http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/ MISC http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt MISC https://bugzilla.redhat.com/show_bug.cgi?id=826077 Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.