CVE-2013-2189
Title: CVE-2013-2189: Microsoft .doc Memory Corruption Vulnerability
Announced: July 26 2013
Fixed in: LibreOffice 3.4.3
Description:
Prior to version 3.4.3 a vulnerability exists where parsing a malformed Microsoft .doc file can operate on invalid PLCF (Plex of Character Positions in File) data. Users should already have upgraded to versions >= 3.4.3 due to earlier advisories.
Thanks to Jeremy Brown of Microsoft Vulnerability Research for reporting this flaw.
References:
Follow Us