Fedora Account System
Red Hat Associate
Red Hat Customer
An integer overflow flaw, leading to buffer overflow, was found in the way OpenOffice.org processed invalid Escher graphics records length in PowerPoint documents. An attacker could provide a specially-crafted PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org. Upstream patches: [1] http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da [2] http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
This issue affects the versions of the openoffice.org package, as shipped with Red Hat Enterprise Linux 5 and 6. -- This issue affects the versions of the libreoffice package, as shipped with Fedora release of 15 and 16.
Acknowledgements: Upstream acknowledges Sven Jacobi as the original reporter of this issue.
Preliminary embargo date, proposed by upstream, is tomorrow, Wednesday, 16-th May 2012 at 14:00 UTC time.
Created attachment 584890 [details] RHEL-5 backport
(In reply to comment #8) > Created attachment 584890 [details] > RHEL-5 backport applies and work for RHEL-6 too
LibreOffice upstream advisory: [3] http://www.libreoffice.org/advisories/cve-2012-2334/ OpenOffice.org upstream advisory: [4] http://www.openoffice.org/security/cves/CVE-2012-2334.html
Statement: (none)
Created attachment 586622 [details] Updated RHEL-5 CVE-2012-2334 patch proposal from Caolan McNamara
Created attachment 587309 [details] final patch
Created attachment 587370 [details] final patch
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2012:0705 https://rhn.redhat.com/errata/RHSA-2012-0705.html