FKIE_CVE-2012-3455

Vulnerability from fkie_nvd - Published: 2012-08-20 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html
secalert@redhat.comhttp://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
secalert@redhat.comhttp://secunia.com/advisories/50199Vendor Advisory
secalert@redhat.comhttp://www.kde.org/info/security/advisory-20120810-1.txt
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/08/04/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/08/04/5
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/08/06/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/08/06/6
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2012/08/10/1
secalert@redhat.comhttp://www.securityfocus.com/bid/54816
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-1526-1
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/77483
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html
af854a3a-2127-422b-91ae-364da2661108http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50199Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20120810-1.txt
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/08/04/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/08/04/5
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/08/06/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/08/06/6
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/08/10/1
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/54816
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1526-1
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/77483
Impacted products
Vendor Product Version
kde koffice *
kde koffice 1.2
kde koffice 1.2.1
kde koffice 1.3
kde koffice 1.3
kde koffice 1.3
kde koffice 1.3
kde koffice 1.3.1
kde koffice 1.3.2
kde koffice 1.3.3
kde koffice 1.3.4
kde koffice 1.3.5
kde koffice 1.4
kde koffice 1.4.1
kde koffice 1.4.2
kde koffice 1.6.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kde:koffice:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23BD6648-1429-46D3-8832-EAF6078F3A89",
              "versionEndIncluding": "2.3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADDFDF11-A965-48B0-AC5A-1AB34A8FE93B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88CD4B3-FC36-4009-AF40-E5930167B62A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "022B3A2E-BB9E-4A57-8E34-32BCA5A72CA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "4961F911-B185-440D-9977-FDA238BB1EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "A15C155C-4CDB-43CD-86F3-F969B6CBADF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E505C5-C809-425F-AF68-A8D79330DE83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "267A2353-C2B9-4D7F-9290-9E3AC1B8C8D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C69061C5-F7AF-4F1B-B6B1-3F76CF61F8AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document.  NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer de memoria din\u00e1mica en la funci\u00f3n de lectura en filters/words/msword-odf/wv2/src/styles.cpp en el filtro Microsoft import filter in KOffice 2.3.3 y anteriores que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente la ejecuci\u00f3n de c\u00f3digo arbitrario a trav\u00e9s de un estilo ODF manipulado en un documento ODF. NOTA:esta es la misma vulnerabilidad que CVE-2012-3456, pero fue dividida por el CNA debido a que Calligra y KOffice comparten parte del mismo c\u00f3digo."
    }
  ],
  "id": "CVE-2012-3455",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-08-20T19:55:05.433",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/50199"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.kde.org/info/security/advisory-20120810-1.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/04/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/04/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/06/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/06/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/10/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/54816"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1526-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/50199"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kde.org/info/security/advisory-20120810-1.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/04/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/04/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/06/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/06/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/08/10/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/54816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1526-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77483"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.