{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2012-01-29T00:00:00.000Z","descriptions":[{"lang":"en","value":"Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-03-05T13:06:05.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"60799","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/60799"},{"name":"48526","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48526"},{"name":"48479","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48479"},{"name":"GLSA-201408-19","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"},{"name":"GLSA-201209-05","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"http://security.gentoo.org/glsa/glsa-201209-05.xml"},{"name":"48494","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48494"},{"name":"1026837","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1026837"},{"name":"MDVSA-2012:061","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"},{"name":"52681","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/52681"},{"name":"FEDORA-2012-4663","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"},{"name":"48529","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48529"},{"name":"80307","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/80307"},{"name":"RHSA-2012:0410","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2012-0410.html"},{"name":"[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation  (Multiple office products affected)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2012/03/27/4"},{"name":"MDVSA-2012:062","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"},{"name":"48542","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48542"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.libreoffice.org/advisories/CVE-2012-0037/"},{"tags":["x_refsource_MISC"],"url":"http://vsecurity.com/resources/advisory/20120324-1/"},{"name":"50692","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/50692"},{"tags":["x_refsource_CONFIRM"],"url":"http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/"},{"name":"48649","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48649"},{"name":"openoffice-xml-info-disclosure(74235)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"},{"name":"DSA-2438","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2012/dsa-2438"},{"name":"RHSA-2012:0411","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2012-0411.html"},{"name":"48493","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/48493"},{"name":"FEDORA-2012-4629","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"},{"name":"MDVSA-2012:063","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.openoffice.org/security/cves/CVE-2012-0037.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://librdf.org/raptor/RELEASE.html#rel2_0_7"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"},{"name":"[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T18:09:17.171Z"},"title":"CVE Program Container","references":[{"name":"60799","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/60799"},{"name":"48526","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48526"},{"name":"48479","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48479"},{"name":"GLSA-201408-19","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"},{"name":"GLSA-201209-05","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"http://security.gentoo.org/glsa/glsa-201209-05.xml"},{"name":"48494","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48494"},{"name":"1026837","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1026837"},{"name":"MDVSA-2012:061","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"},{"name":"52681","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/52681"},{"name":"FEDORA-2012-4663","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"},{"name":"48529","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48529"},{"name":"80307","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/80307"},{"name":"RHSA-2012:0410","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2012-0410.html"},{"name":"[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation  (Multiple office products affected)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2012/03/27/4"},{"name":"MDVSA-2012:062","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"},{"name":"48542","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48542"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.libreoffice.org/advisories/CVE-2012-0037/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://vsecurity.com/resources/advisory/20120324-1/"},{"name":"50692","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/50692"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/"},{"name":"48649","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48649"},{"name":"openoffice-xml-info-disclosure(74235)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"},{"name":"DSA-2438","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2012/dsa-2438"},{"name":"RHSA-2012:0411","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2012-0411.html"},{"name":"48493","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/48493"},{"name":"FEDORA-2012-4629","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"},{"name":"MDVSA-2012:063","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.openoffice.org/security/cves/CVE-2012-0037.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://librdf.org/raptor/RELEASE.html#rel2_0_7"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"},{"name":"[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2012-0037","datePublished":"2012-06-17T01:00:00.000Z","dateReserved":"2011-12-07T00:00:00.000Z","dateUpdated":"2024-08-06T18:09:17.171Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}