[email protected]CVE-2014-3524

HistoryAug 26, 2014 - 2:55 p.m.

CVE-2014-3524

2014-08-2614:55:00

CWE-77

[email protected]

web.nvd.nist.gov

apache

openoffice

cve-2014-3524

command execution

security vulnerability

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.4%

JSON

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.

CPENameOperatorVersion
apache:openofficeapache openofficelt4.1.1
libreoffice:libreofficelibreofficelt4.3.1
libreoffice:libreofficelibreofficelt4.2.6

CPE	Name	Operator	Version
apache:openoffice	apache openoffice	lt	4.1.1
libreoffice:libreoffice	libreoffice	lt	4.3.1
libreoffice:libreoffice	libreoffice	lt	4.2.6

References

blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/

secunia.com/advisories/59600

secunia.com/advisories/59877

secunia.com/advisories/60235

www.openoffice.org/security/cves/CVE-2014-3524.html

www.securityfocus.com/archive/1/533200/100/0/threaded

www.securityfocus.com/bid/69351

www.securitytracker.com/id/1030755

exchange.xforce.ibmcloud.com/vulnerabilities/95421

security.gentoo.org/glsa/201603-05

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.4%

JSON

Related for CVE-2014-3524

nessus5 ubuntucve1 cvelist1 securityvulns2 openvas4 ibm1 hackerone1 prion1 ubuntu1 gentoo1