Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4233

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4233
Last Modified 03 Jan 2013 11:42:20
Published 19 Nov 2012 07:10:51
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4233

Summary

LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.

Vulnerable Systems

Application

  • Libreoffice 3.5

  • Libreoffice 3.5.

  • Libreoffice 3.5.0

  • Libreoffice 3.5.1

  • Libreoffice 3.5.2

  • Libreoffice 3.5.3

  • Libreoffice 3.5.4

  • Libreoffice 3.5.5

  • Libreoffice 3.5.5.1

  • Libreoffice 3.5.5.2

  • Libreoffice 3.5.5.3

  • Libreoffice 3.5.6

  • Libreoffice 3.5.6.1

  • Libreoffice 3.5.6.2

  • Libreoffice 3.5.6.3

  • Libreoffice 3.6

  • Sun Openoffice.org -


References

MISC - https://www.htbridge.com/advisory/HTB23106

XF - libreoffice-xls-dos(79732)

XF - libreoffice-ppt-file-dos(79731)

XF - libreoffice-svxcorelo-dos(79730)

XF - libreoffice-odt-dos(79728)

BID - 56352

MLIST - [oss-security] 20121102 Re: CVE-2012-4233: multiple null pointer dereference flaws in LibreOffice/OpenOffice.org

CONFIRM - http://www.libreoffice.org/advisories/cve-2012-4233/

DEBIAN - DSA-2570

CONFIRM - http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=8ca9fb05c9967f11670d045886438ddfa3ac02a7

CONFIRM - http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=6789ec4c1a9c6af84bd62e650a03226a46365d97

CONFIRM - http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=44bc6b5cac723b52df40fbef026e99b7119d8a69

CONFIRM - http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7&id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b

SUSE - openSUSE-SU-2012:1523

SUSE - openSUSE-SU-2012:1686

Related Patches

Novell SUSE 2012:6804 libreoffice-356 security update for SLED 11 SP2 i586

Novell SUSE 2012:6804 libreoffice-356 security update for SLED 11 SP2 x86_64

Novell SUSE 2012:8286 libreoffice security update for SLED 10 SP4 i586

Novell SUSE 2012:8286 libreoffice security update for SLED 10 SP4 x86_64


Last Updated: 27 May 2016 10:56:40