CVE-2011-2713

Name of the Vulnerable Software and Affected Versions OpenOffice.org version 3.3.0 LibreOffice versions prior to 3.4.3

Description The issue is related to an out-of-bounds read in the DOC sprm parser, which can be triggered by a crafted DOC file. This allows a remote attacker to cause a denial of service, resulting in a crash. The vulnerability is exploited through a specially crafted DOC file, allowing an attacker to disrupt service.

Recommendations For OpenOffice.org version 3.3.0, update to a newer version to mitigate the risk. For LibreOffice versions prior to 3.4.3, update to version 3.4.3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted DOC files until a patch is available. Restrict access to untrusted DOC files to minimize the risk of exploitation.