CVE-2012-2149

high Apache
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
7.9%
Exploitation probability in 30 days
Top 8% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: June 21, 2012 (5075 days ago)
Last Modified: April 29, 2026
Vendor: Apache
Source: NVD

Description

The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow.

CWE

CWE-189

Affected Products

redhat enterprise linux optional productivity applicationsredhat enterprise linux desktopapache openoffice.orglibwpd libwpd

References

🔗 archives.neohapsis.com 🔗 packetstormsecurity.org 🔗 rhn.redhat.com 🔗 secunia.com 🔗 secunia.com