CVE-2012-4233
Published: 19 November 2012
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
Notes
| Author | Note |
|---|---|
| jdstrand | fix pending SRU approval for 12.04 LTS (minor release update) |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libreoffice Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Ignored
(end of life)
|
|
| precise |
Released
(1:3.5.7-0ubuntu6.1)
|
|
| quantal |
Not vulnerable
(1:3.6.2~rc2-0ubuntu3)
|
|
| raring |
Not vulnerable
(1:3.6.2~rc2-0ubuntu5)
|
|
| saucy |
Not vulnerable
(1:3.6.2~rc2-0ubuntu5)
|
|
| trusty |
Does not exist
(trusty was not-affected [1:3.6.2~rc2-0ubuntu5])
|
|
| upstream |
Released
(3.5.7, 3.6.1)
|
|
|
openoffice.org Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Ignored
(end of life)
|
|
| oneiric |
Not vulnerable
(transitional packages)
|
|
| precise |
Not vulnerable
(transitional packages)
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(1:3.2.1-11+squeeze8)
|