Linux Distros 未修补的漏洞: CVE-2012-4233

high Nessus 插件 ID 217795

语言：

简介

Linux/Unix 主机上安装的一个或多个程序包存在漏洞，但供应商表示不会修补此漏洞。

描述

Linux/Unix 主机中安装的一个或多个程序包受到一个漏洞影响，而供应商没有提供补丁程序。

- 低于 3.5.7.2 ] 的 LibreOffice 3.5.x 和低于 3.6.1[] 的 3.6.x 以及OpenOffice.org (OOo)，允许远程攻击者通过构建的 (1) vcllo.dll odt 文件造成拒绝服务（空指针取消引用），（ 2) 将 ODG（绘图文档）文件复制到 svxcorelo.dll，(3) 将 ppt (PowerPoint) 文件中嵌入的 .wmf（窗口元文件）文件中的多边形记录复制到 tllo.dll，或 (4) xls (Excel) 文件到 scfiltlo.dll。 (CVE-2012-4233)

请注意，Nessus 依赖供应商报告的程序包是否存在进行判断。

解决方案

目前尚未有任何已知的解决方案。

另见

https://access.redhat.com/security/cve/cve-2012-4233

插件详情

严重性: High

ID: 217795

文件名: unpatched_CVE_2012_4233.nasl

版本: 1.2

类型: local

代理: unix

系列: Misc.

发布时间: 2025/3/4

最近更新时间: 2025/9/4

支持的传感器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

风险信息

VPR

风险因素: Medium

分数: 4.4

CVSS v2

风险因素: Medium

基本分数: 4.3

时间分数: 3.4

矢量: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 分数来源: CVE-2012-4233

CVSS v3

风险因素: High

基本分数: 7.5

时间分数: 6.7

矢量: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

时间矢量: CVSS:3.0/E:P/RL:O/RC:C

漏洞信息

CPE: p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zu, p-cpe:/a:redhat:enterprise_linux:libreoffice-base, p-cpe:/a:redhat:enterprise_linux:autocorr-af, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-uk, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-st, p-cpe:/a:redhat:enterprise_linux:libreoffice-sdk, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-af, cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fr, p-cpe:/a:redhat:enterprise_linux:autocorr-fa, p-cpe:/a:redhat:enterprise_linux:libreoffice-librelogo, p-cpe:/a:redhat:enterprise_linux:libreoffice-ure, p-cpe:/a:redhat:enterprise_linux:autocorr-bg, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-it, p-cpe:/a:redhat:enterprise_linux:autocorr-sk, p-cpe:/a:redhat:enterprise_linux:libreoffice-presentation-minimizer, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ta, p-cpe:/a:redhat:enterprise_linux:libreoffice-impress, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pa, p-cpe:/a:redhat:enterprise_linux:autocorr-es, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-cs, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nso, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ca, p-cpe:/a:redhat:enterprise_linux:openoffice.org, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-eu, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sv, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-gl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ga, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sl, p-cpe:/a:redhat:enterprise_linux:libreoffice-draw, p-cpe:/a:redhat:enterprise_linux:libreoffice-bsh, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-or, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hr, p-cpe:/a:redhat:enterprise_linux:autocorr-cs, p-cpe:/a:redhat:enterprise_linux:autocorr-pl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-el, p-cpe:/a:redhat:enterprise_linux:autocorr-lt, p-cpe:/a:redhat:enterprise_linux:autocorr-fr, p-cpe:/a:redhat:enterprise_linux:autocorr-ko, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-kn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ur, p-cpe:/a:redhat:enterprise_linux:libreoffice-wiki-publisher, p-cpe:/a:redhat:enterprise_linux:autocorr-nl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-mr, p-cpe:/a:redhat:enterprise_linux:autocorr-en, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pt-pt, p-cpe:/a:redhat:enterprise_linux:libreoffice-graphicfilter, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-en, p-cpe:/a:redhat:enterprise_linux:libreoffice-sdk-doc, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ar, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-de, p-cpe:/a:redhat:enterprise_linux:autocorr-mn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hu, p-cpe:/a:redhat:enterprise_linux:autocorr-lb, p-cpe:/a:redhat:enterprise_linux:autocorr-zh, p-cpe:/a:redhat:enterprise_linux:libreoffice-writer, p-cpe:/a:redhat:enterprise_linux:autocorr-hr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ja, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sk, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ts, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nl, p-cpe:/a:redhat:enterprise_linux:libreoffice-math, p-cpe:/a:redhat:enterprise_linux:libreoffice-headless, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-lt, p-cpe:/a:redhat:enterprise_linux:libreoffice-report-builder, p-cpe:/a:redhat:enterprise_linux:autocorr-ga, p-cpe:/a:redhat:enterprise_linux:autocorr-ro, p-cpe:/a:redhat:enterprise_linux:autocorr-de, p-cpe:/a:redhat:enterprise_linux:autocorr-eu, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hi, p-cpe:/a:redhat:enterprise_linux:libreoffice-glade, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zh-hant, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pl, p-cpe:/a:redhat:enterprise_linux:autocorr-sr, p-cpe:/a:redhat:enterprise_linux:libreoffice-calc, p-cpe:/a:redhat:enterprise_linux:libreoffice-core, p-cpe:/a:redhat:enterprise_linux:libreoffice-filters, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-dz, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-et, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-te, p-cpe:/a:redhat:enterprise_linux:libreoffice-opensymbol-fonts, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-th, p-cpe:/a:redhat:enterprise_linux:autocorr-it, p-cpe:/a:redhat:enterprise_linux:libreoffice-testtools, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ko, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-mai, p-cpe:/a:redhat:enterprise_linux:libreoffice-xsltfilter, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ss, p-cpe:/a:redhat:enterprise_linux:autocorr-sv, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ve, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ru, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zh-hans, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ms, p-cpe:/a:redhat:enterprise_linux:libreoffice-nlpsolver, p-cpe:/a:redhat:enterprise_linux:autocorr-ca, p-cpe:/a:redhat:enterprise_linux:libreoffice-emailmerge, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-cy, p-cpe:/a:redhat:enterprise_linux:libreoffice-rhino, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-tn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pt-br, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-xh, p-cpe:/a:redhat:enterprise_linux:autocorr-pt, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-da, p-cpe:/a:redhat:enterprise_linux:autocorr-da, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nn, p-cpe:/a:redhat:enterprise_linux:libreoffice-gdb-debug-support, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-as, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-bg, p-cpe:/a:redhat:enterprise_linux:libreoffice-presenter-screen, p-cpe:/a:redhat:enterprise_linux:libreoffice-ogltrans, p-cpe:/a:redhat:enterprise_linux:libreoffice-pyuno, p-cpe:/a:redhat:enterprise_linux:autocorr-hu, p-cpe:/a:redhat:enterprise_linux:autocorr-ja, p-cpe:/a:redhat:enterprise_linux:autocorr-sl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-gu, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fi, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-bn, p-cpe:/a:redhat:enterprise_linux:autocorr-is, p-cpe:/a:redhat:enterprise_linux:autocorr-vi, p-cpe:/a:redhat:enterprise_linux:autocorr-ru, p-cpe:/a:redhat:enterprise_linux:libreoffice-pdfimport, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-tr, p-cpe:/a:redhat:enterprise_linux:autocorr-tr, p-cpe:/a:redhat:enterprise_linux:libreoffice-javafilter, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ro, p-cpe:/a:redhat:enterprise_linux:libreoffice, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nb, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-es, p-cpe:/a:redhat:enterprise_linux:libreoffice-officebean, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-he, p-cpe:/a:redhat:enterprise_linux:autocorr-fi, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ml

必需的 KB 项: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier

可利用: true

易利用性: Exploits are available

漏洞发布日期: 2012/10/31

参考资料信息

CVE: CVE-2012-4233