Title: CVE-2012-4233: Multiple denial of service vulnerabilities

Announced: October 31 2012

Fixed in: LibreOffice 3.5.7/3.6.1


Multiple denial of service flaws were found in various import filters of LibreOffice. An attacker could create a specially-crafted file in the .xls (Excel), .wmf (Window Meta File) or Open Document Format for Office Applications formats which when loaded would immediately terminate the application.

Thanks to High-Tech Bridge for reporting these flaws. Users are recommended to upgrade to 3.5.7 or 3.6.1 to avoid these flaws