CVE 2012-2334

Integer overflow in filter/source/msfilter/msdffimp.cxx in (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.

See the CVE page on for more details.