PT-2014-5454 · Document Foundation+4 · Libreoffice+4

Published

2014-11-05

Updated

2024-06-15

CVE-2014-3693

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions LibreOffice versions 4.x prior to 4.2.7 LibreOffice versions 4.3.x prior to 4.3.3

Description The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted request to TCP port 1599. This is due to a use-after-free vulnerability in the socket manager of Impress Remote.

Recommendations For LibreOffice versions 4.x prior to 4.2.7, update to version 4.2.7 or later. For LibreOffice versions 4.3.x prior to 4.3.3, update to version 4.3.3 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CESA-2015_0377

CVE-2014-3693

MGASA-2014-0505

OPENSUSE-SU-2024:10006-1

RHSA-2015:0377

RHSA-2015_0377

SUSE-SU-2014_1494-1

SUSE-SU-2014_1544-1

USN-2398-1

Affected Products

Centos

Libreoffice

Red Hat

Suse

Ubuntu

PT-2014-5454 · Document Foundation+4 · Libreoffice+4

CVE-2014-3693

Related Identifiers

Affected Products

References · 94