LibreOffice 3.3.2 includes a feature to import ‘Lotus Word Pro’ (.lwp) documents. This import filter contains multiple vulnerabilities. CERT/CC has confirmed that code execution is possible by exploiting a stack buffer overflow.
LibreOffice 3.3.2, 3.3.1, and possibly earlier versions fail to properly handle ‘Lotus Word Pro’ (.lwp) documents. The (.lwp) format is the native file format for Lotus Word Pro that is a word processor developed by IBM’s Lotus Software group. More details can be found by reviewing the following patch commits: Commit 1 and Commit 2.
By convincing a user to open a specifically crafted ‘Lotus Word Pro’ (.lwp) document, an attacker may be able to execute arbitrary code.
Apply an Update
LibreOffice 3.3.3 and 3.4.0 both address these vulnerabilities.
953183
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: April 06, 2011 Updated: June 06, 2011
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 9 | AV:N/AC:M/Au:N/C:C/I:C/A:P |
Temporal | 7 | E:POC/RL:OF/RC:C |
Environmental | 7 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
Thanks to Will Dormann and Jared Allar of the CERT/CC for reporting these vulnerabilities.
This document was written by Jared Allar.
CVE IDs: | CVE-2011-2685 |
---|---|
Severity Metric: | 0.20 Date Public: |