CVE-2012-0037

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.

Weakness

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Affected Software

Potential Mitigations

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/221.html

References

• http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/
• http://librdf.org/raptor/RELEASE.html#rel2_0_7
• http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html
• http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html
• http://rhn.redhat.com/errata/RHSA-2012-0410.html
• http://rhn.redhat.com/errata/RHSA-2012-0411.html
• http://secunia.com/advisories/48479
• http://secunia.com/advisories/48493
• http://secunia.com/advisories/48494
• http://secunia.com/advisories/48526
• http://secunia.com/advisories/48529
• http://secunia.com/advisories/48542
• http://secunia.com/advisories/48649
• http://secunia.com/advisories/50692
• http://secunia.com/advisories/60799
• http://security.gentoo.org/glsa/glsa-201209-05.xml
• http://vsecurity.com/resources/advisory/20120324-1/
• http://www.debian.org/security/2012/dsa-2438
• http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
• http://www.libreoffice.org/advisories/CVE-2012-0037/
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:061
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:062
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:063
• http://www.openoffice.org/security/cves/CVE-2012-0037.html
• http://www.openwall.com/lists/oss-security/2012/03/27/4
• http://www.osvdb.org/80307
• http://www.securityfocus.com/bid/52681
• http://www.securitytracker.com/id?1026837
• https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
• https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0
• https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E
• http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/
• http://librdf.org/raptor/RELEASE.html#rel2_0_7
• http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html
• http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html
• http://rhn.redhat.com/errata/RHSA-2012-0410.html
• http://rhn.redhat.com/errata/RHSA-2012-0411.html
• http://secunia.com/advisories/48479
• http://secunia.com/advisories/48493
• http://secunia.com/advisories/48494
• http://secunia.com/advisories/48526
• http://secunia.com/advisories/48529
• http://secunia.com/advisories/48542
• http://secunia.com/advisories/48649
• http://secunia.com/advisories/50692
• http://secunia.com/advisories/60799
• http://security.gentoo.org/glsa/glsa-201209-05.xml
• http://vsecurity.com/resources/advisory/20120324-1/
• http://www.debian.org/security/2012/dsa-2438
• http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
• http://www.libreoffice.org/advisories/CVE-2012-0037/
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:061
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:062
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:063
• http://www.openoffice.org/security/cves/CVE-2012-0037.html
• http://www.openwall.com/lists/oss-security/2012/03/27/4
• http://www.osvdb.org/80307
• http://www.securityfocus.com/bid/52681
• http://www.securitytracker.com/id?1026837
• https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
• https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0
• https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E