PT-2012-1020 · Document Foundation+3 · Libreoffice+4
Timo Warns · Published 2012-08-01 · Updated 2023-02-13 · CVE-2012-2665
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
OpenOffice.org versions prior to 3.5.5
LibreOffice versions prior to 3.5.5
Description
The issue is related to a buffer overflow in the XML manifest encryption tag parsing functionality. This can be exploited by a remote attacker using a crafted Open Document Text (.odt) file, potentially allowing them to execute arbitrary code, cause a denial of service, or access and modify confidential data. The exploitation can occur through various means, including a child tag within an incorrect parent tag, duplicate tags, or a Base64 ChecksumAttribute with a length not evenly divisible by four.
Recommendations
For OpenOffice.org versions prior to 3.5.5, update to version 3.5.5 or later to resolve the issue.
For LibreOffice versions prior to 3.5.5, update to version 3.5.5 or later to resolve the issue.
As a temporary workaround, consider avoiding the use of crafted Open Document Text (.odt) files and restricting access to sensitive data until the update is applied.
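A screening check for the three malformations named in the description (a child tag under the wrong parent, duplicate tags, a Base64 checksum whose length is not a multiple of four), run over the META-INF/manifest.xml of an ODF file before it reaches an unpatched installation. This is an added example, not code from LibreOffice, OpenOffice.org or the advisory. The function name, finding labels and sample manifests are constructed for illustration, and a deployment handling untrusted files would swap in a hardened XML parser such as defusedxml.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"

def q(name):
    """Qualify a local name with the ODF manifest namespace."""
    return "{%s}%s" % (NS, name)

# Parent each encryption-related element is expected to have in manifest.xml.
EXPECTED_PARENT = {
    q("encryption-data"): q("file-entry"),
    q("algorithm"): q("encryption-data"),
    q("key-derivation"): q("encryption-data"),
    q("start-key-generation"): q("encryption-data"),
}

def audit_manifest(xml_bytes):
    """Return findings for the three malformations the advisory names."""
    findings = []

    def walk(parent):
        seen = set()  # encryption tags already met under this parent
        for child in parent:
            short = child.tag.rpartition("}")[2]
            want = EXPECTED_PARENT.get(child.tag)
            if want is not None:
                if parent.tag != want:
                    findings.append("misplaced:" + short)
                if child.tag in seen:
                    findings.append("duplicate:" + short)
                seen.add(child.tag)
            checksum = child.get(q("checksum"))
            # Valid Base64 text always has a length divisible by four.
            if checksum is not None and len("".join(checksum.split())) % 4:
                findings.append("bad-base64-length:" + short)
            walk(child)

    walk(ET.fromstring(xml_bytes))
    return findings

# Constructed samples (not taken from any real document).
def _wrap(inner):
    return ('<m:manifest xmlns:m="%s"><m:file-entry m:full-path="content.xml">'
            '%s</m:file-entry></m:manifest>' % (NS, inner)).encode()

CLEAN = _wrap('<m:encryption-data m:checksum="AAAAAAAA"><m:algorithm/>'
              '<m:key-derivation/></m:encryption-data>')
SUSPECT = _wrap('<m:key-derivation/><m:encryption-data m:checksum="AAAAAA">'
                '<m:algorithm/><m:algorithm/></m:encryption-data>')

if __name__ == "__main__":
    print(audit_manifest(CLEAN), audit_manifest(SUSPECT))
```

A non-empty result is a reason to quarantine the file for review, not proof of an exploit attempt; an empty result does not make the file safe to open on a version prior to 3.5.5.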
Fix
DoS
Buffer Overflow
Memory Corruption
Related identifiers
Affected products
Centos
Libreoffice
Openoffice
Openoffice.Org
Red Hat