Description
Multiple heap-based buffer overflow flaws were found in the way
OpenOffice.org processed encryption information in the manifest files of
OpenDocument Format files. An attacker could provide a specially-crafted
OpenDocument Format file that, when opened in an OpenOffice.org
application, would cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running the application.
(CVE-2012-2665)
Upstream acknowledges Timo Warns as the original reporter of these issues.