Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-4233

LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.

Related bugs and status

CVE-2012-4233 (Candidate) is related to these bugs:

Bug #1037111: [SRU] LibreOffice 3.5.7 for precise

Summary				In	Importance	Status
	1037111	[SRU] LibreOffice 3.5.7 for precise		libreoffice (Ubuntu)	High	Fix Released
	1037111	[SRU] LibreOffice 3.5.7 for precise		libreoffice (Ubuntu Precise)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2012110...
MISC: https://www.htbridge.c...
CONFIRM: http://www.libreoffice...
DEBIAN: DSA-2570
BID: 56352
SUSE: openSUSE-SU-2012:1523
SUSE: openSUSE-SU-2012:1686
CONFIRM: http://cgit.freedeskto...
CONFIRM: http://cgit.freedeskto...
CONFIRM: http://cgit.freedeskto...
CONFIRM: http://cgit.freedeskto...
XF: libreoffice-odt-dos(79...
XF: libreoffice-ppt-file-d...
XF: libreoffice-svxcorelo-...
XF: libreoffice-xls-dos(79...