VYPR
Unrated severityNVD Advisory· Published Jun 21, 2012· Updated Jun 16, 2026

CVE-2012-1149

CVE-2012-1149

Description

Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • Apache/Openoffice2 versions
    cpe:2.3:a:apache:openoffice.org:3.3.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apache:openoffice.org:3.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:openoffice.org:3.4:beta:*:*:*:*:*:*
  • cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*range: <=3.5.2
    • (no CPE)range: <3.5.3
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • Range: <=3.4 Beta

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.