Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.LIBREOFFICE_431.NASL
HistoryDec 17, 2014 - 12:00 a.m.

LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities

2014-12-1700:00:00
This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
www.tenable.com
8
JSON

A version of LibreOffice is installed on the remote Windows host that is 4.3.x prior to 4.3.1. It is, therefore, affected by the following vulnerabilities :

  • An input-validation error exists related to handling Calc spreadsheets that allows arbitrary command execution. (CVE-2014-3524)

  • An input-validation error exists related to ‘Update Links’ prompt handling that allows information disclosure via improperly included OLE2 previews.
    (CVE-2014-3575)

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(80080);
  script_version("1.10");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id("CVE-2014-3524", "CVE-2014-3575");
  script_bugtraq_id(69351, 69354);

  script_name(english:"LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of LibreOffice.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains an application that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"A version of LibreOffice is installed on the remote Windows host that
is 4.3.x prior to 4.3.1. It is, therefore, affected by the following
vulnerabilities :

  - An input-validation error exists related to handling
    Calc spreadsheets that allows arbitrary command
    execution. (CVE-2014-3524)

  - An input-validation error exists related to 'Update
    Links' prompt handling that allows information
    disclosure via improperly included OLE2 previews.
    (CVE-2014-3575)

Note that Nessus has not attempted to exploit these issues but has
instead relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"solution", value:"Upgrade to LibreOffice version 4.3.1 (4.3.1.2) or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"see_also", value:"https://www.libreoffice.org/about-us/security/advisories/cve-2014-3524/");
  script_set_attribute(attribute:"see_also", value:"https://www.libreoffice.org/about-us/security/advisories/cve-2014-3575/");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/08/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/08/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:libreoffice:libreoffice");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  script_dependencies("libreoffice_installed.nasl");
  script_require_keys("installed_sw/LibreOffice");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");

app_name = "LibreOffice";

install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);
version    = install['version'];
version_ui = install['display_version'];
path       = install['path'];

if (
  # 4.3.x < 4.3.1
  version =~ "^4\.3\.0($|[^0-9])" ||
  # 4.3.1.x < 4.3.1.2
  version =~ "^4\.3\.1\.[0-1]($|[^0-9])"
)
{
  port = get_kb_item("SMB/transport");
  if (!port) port = 445;

  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version_ui +
      '\n  Fixed version     : 4.3.1 (4.3.1.2)' +
      '\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_ui, path);
VendorProductVersionCPE
libreofficelibreofficecpe:/a:libreoffice:libreoffice

Related

openvas 12
nessus 13
fedora 1
ubuntucve 2
mageia 3
ubuntu 2
securityvulns 6
cvelist 2
prion 2
cve 2
freebsd 1
ibm 1
hackerone 1
suse 2
redhat 1
centos 1
oraclelinux 1
gentoo 1
openvas
openvas
Apache OpenOffice Multiple Vulnerabilities -01 (May 2015) - Mac OS X
2015-06-01 00:00:00
Apache OpenOffice Multiple Vulnerabilities (Apr 2015) - Windows
2015-04-09 00:00:00
Fedora Update for libreoffice FEDORA-2014-10732
2014-09-14 00:00:00
nessus
nessus
Apache OpenOffice < 4.1.1 Multiple Vulnerabilities
2014-08-27 00:00:00
LibreOffice 4.x < 4.2.6-secfix (4.2.6.3) Multiple Vulnerabilities
2014-12-17 00:00:00
FreeBSD : openoffice -- information disclosure vulnerability (ab947396-9018-11e6-a590-14dae9d210b8)
2016-10-12 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libreoffice-4.2.6.3-3.fc20
2014-09-14 03:27:11
ubuntucve
ubuntucve
CVE-2014-3575
2014-08-26 00:00:00
CVE-2014-3524
2014-08-26 00:00:00
mageia
mageia
Updated libreoffice packages fix security vulnerability
2014-11-14 04:24:42
Updated libreoffice packages fix security vulnerabilities
2014-11-14 04:24:42
Updated openssl packages fix security vulnerabilities
2015-01-11 22:54:28
ubuntu
ubuntu
LibreOffice vulnerability
2014-11-10 00:00:00
LibreOffice vulnerability
2014-09-02 00:00:00
securityvulns
securityvulns
[USN-2400-1] LibreOffice vulnerability
2014-11-24 00:00:00
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects
2014-08-24 00:00:00
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability
2014-08-24 00:00:00
cvelist
cvelist
CVE-2014-3575
2014-08-27 00:00:00
CVE-2014-3524
2014-08-26 14:00:00
prion
prion
Design/Logic Flaw
2014-08-27 00:55:00
Design/Logic Flaw
2014-08-26 14:55:00
cve
cve
CVE-2014-3575
2014-08-27 00:55:00
CVE-2014-3524
2014-08-26 14:55:00
freebsd
freebsd
openoffice -- information disclosure vulnerability
2014-08-21 00:00:00
ibm
ibm
Security Bulletin: CVE-2014-3524 CSV Injection in reports
2020-07-24 21:16:35
hackerone
hackerone
Consensys: CSV Injection at https://assets-paris-demo.codefi.network/
2022-10-25 08:59:53
suse
suse
LibreOffice: two security fixes (important)
2014-09-15 09:04:13
Security update for LibreOffice (important)
2014-09-11 15:04:17
redhat
redhat
(RHSA-2015:0377) Moderate: libreoffice security, bug fix, and enhancement update
2015-03-05 05:43:01
centos
centos
autocorr, libabw, libcmis, libetonyek, libfreehand, liblangtag, libmwaw, libodfgen, libreoffice, mdds security update
2015-03-17 13:28:31
oraclelinux
oraclelinux
libreoffice security, bug fix, and enhancement update
2015-03-11 00:00:00
gentoo
gentoo
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-03-09 00:00:00
JSON
Related for LIBREOFFICE_431.NASL
openvas12nessus13fedora1ubuntucve2mageia3ubuntu2securityvulns6cvelist2prion2cve2freebsd1ibm1hackerone1suse2redhat1centos1oraclelinux1gentoo1