oss-sec mailing list archives
Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 28 May 2012 17:09:39 +0200
Hello Apache OpenOffice.org, LibreOffice Security Teams, vendors, originally the CVE-2012-2334 security flaw has been described as follows: [1] http://www.openoffice.org/security/cves/CVE-2012-2334.html [2] http://www.libreoffice.org/advisories/cve-2012-2334/ during internal audit of relevant upstream patches: [3] http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da [4] http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e it has been observed by Florian Weimer that the [4] patch also corrected and integer overflow, being present in the SvxMSDffManager::GetFidclData() routine, which might lead under certain circumstances to possibility of arbitrary code execution too. Update CVE-2012-2334 flaw description is at: [5] https://bugzilla.redhat.com/show_bug.cgi?id=821803#c0 This post is intended to serve as kind request to OpenOffice.org and LibreOffice upstream, they to update their corresponding advisories ([1], [2]) to reflect this fact. For what is related against upstream patches -- upon testing we can confirm, the original ones were complete and this is in no way a new security flaw. But something, which got corrected upstream in previous release(s), and should mention possibility of arbitrary code execution too in order to properly describe this deficiency. OpenOffice.org / LibreOffice upstreams - please update your advisories to reflect this if possible yet. OSS vendors, please note this notification (for case you previously categorized fix for the CVE-2012-2334 flaw as something to be postponed due to lower impact). Credit for the discovery should go to: Florian Weimer of Red Hat Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team P.S.: Would you need further background details due this, contact me or Florian off list.
Current thread:
- Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification Jan Lieskovsky (May 28)
- Re: Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification Jan Lieskovsky (May 29)
- Re: [Officesecurity] Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification Caolán McNamara (May 29)