Candidate: CVE-2012-4233
PublicDate: 2012-11-19 12:10:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4233
 https://www.htbridge.com/advisory/HTB23106
 http://www.debian.org/security/2012/dsa-2570
 http://seclists.org/oss-sec/2012/q4/193
 https://www.libreoffice.org/advisories/cve-2012-4233/
Description:
 LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org
 (OOo), allows remote attackers to cause a denial of service (NULL pointer
 dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing
 document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window
 Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls
 (Excel) file to scfiltlo.dll.
Ubuntu-Description:
Notes:
 jdstrand> fix pending SRU approval for 12.04 LTS (minor release update)
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1037111
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_openoffice.org:
upstream_openoffice.org: released (1:3.2.1-11+squeeze8)
hardy_openoffice.org: ignored (reached end-of-life)
lucid_openoffice.org: ignored (reached end-of-life)
oneiric_openoffice.org: not-affected (transitional packages)
precise_openoffice.org: not-affected (transitional packages)
quantal_openoffice.org: DNE
raring_openoffice.org: DNE
saucy_openoffice.org: DNE
trusty_openoffice.org: DNE
trusty/esm_openoffice.org: DNE
devel_openoffice.org: DNE

Patches_libreoffice:
upstream_libreoffice: released (3.5.7, 3.6.1)
hardy_libreoffice: DNE
lucid_libreoffice: DNE
oneiric_libreoffice: ignored (reached end-of-life)
precise_libreoffice: released (1:3.5.7-0ubuntu6.1)
quantal_libreoffice: not-affected (1:3.6.2~rc2-0ubuntu3)
raring_libreoffice: not-affected (1:3.6.2~rc2-0ubuntu5)
saucy_libreoffice: not-affected (1:3.6.2~rc2-0ubuntu5)
trusty_libreoffice: not-affected (1:3.6.2~rc2-0ubuntu5)
trusty/esm_libreoffice: DNE (trusty was not-affected [1:3.6.2~rc2-0ubuntu5])
devel_libreoffice: not-affected (1:3.6.2~rc2-0ubuntu5)