[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-3575Date: (C)2014-08-28   (M)2023-12-22


The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1030754
http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html
SECUNIA-59600
SECUNIA-59877
BID-69354
FEDORA-2014-10732
GLSA-201603-05
RHSA-2015:0377
apache-openoffice-cve20143575-info-disc(95420)
http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/
http://www.openoffice.org/security/cves/CVE-2014-3575.html

CPE    4
cpe:/a:libreoffice:libreoffice
cpe:/o:redhat:enterprise_linux_workstation:7.0
cpe:/o:redhat:enterprise_linux_desktop:7.0
cpe:/o:redhat:enterprise_linux_server:7.0
...
CWE    1
CWE-200
OVAL    16
oval:org.secpod.oval:def:26779
oval:org.secpod.oval:def:1500933
oval:org.secpod.oval:def:23617
oval:org.secpod.oval:def:20964
...

© SecPod Technologies