Title: CVE-2011-2713: Out of bounds property read in binary Microsoft Word (.doc) importer

Announced: October 05, 2011

Fixed in: LibreOffice 3.4.3


Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word (doc) file format importer where custom crafted documents trigger out of bounds behaviour.

Thanks to Huzaifa Sidhpurwala of Red Hat Security Team for reporting this vulnerability. Users are recommended to upgrade to 3.4.3 to avoid this flaw.