====================================================================

                             CERT-Renater

                  Note d'Information No. 2012/VULN214
____________________________________________________________________

DATE                : 18/05/2012

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S) : Systems running LibreOffice versions prior
                                                     to 3.5.3.

======================================================================
http://www.libreoffice.org/advisories/cve-2012-1149/
______________________________________________________________________

CVE-2012-1149
Title: CVE-2012-1149 Integer overflows in graphic object loading

Announced: May 16 2012

Fixed in: LibreOffice 3.5.3

Description:

An integer overflow vulnerability in LibreOffice graphic loading code
could allow a remote attacker to cause a denial of service (application
crash) or potentially execute arbitrary code on vulnerable
installations of LibreOffice.

Thanks to Tielei Wang via Secunia SVCRP for reporting this flaw. Users
are recommended to upgrade to 3.5.3 to avoid this flaw



References:

CVE-2012-1149

======================================================================

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
+ 75013 Paris           | email: certsvp@renater.fr     +
=========================================================