CVE-2012-4233
Published: 19 November 2012
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
Notes
Author | Note |
---|---|
jdstrand | fix pending SRU approval for 12.04 LTS (minor release update) |
Priority
Status
Package | Release | Status |
---|---|---|
libreoffice Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Released
(1:3.5.7-0ubuntu6.1)
|
|
quantal |
Not vulnerable
(1:3.6.2~rc2-0ubuntu3)
|
|
raring |
Not vulnerable
(1:3.6.2~rc2-0ubuntu5)
|
|
saucy |
Not vulnerable
(1:3.6.2~rc2-0ubuntu5)
|
|
trusty |
Does not exist
(trusty was not-affected [1:3.6.2~rc2-0ubuntu5])
|
|
upstream |
Released
(3.5.7, 3.6.1)
|
|
openoffice.org Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
oneiric |
Not vulnerable
(transitional packages)
|
|
precise |
Not vulnerable
(transitional packages)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(1:3.2.1-11+squeeze8)
|