Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.OPENOFFICE_411.NASL
HistoryAug 27, 2014 - 12:00 a.m.

Apache OpenOffice < 4.1.1 Multiple Vulnerabilities

2014-08-2700:00:00
This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
www.tenable.com
14

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.6%

JSON

The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.1. It is, therefore, affected by the following vulnerabilities :

  • An unspecified flaw allows remote attackers to execute arbitrary commands via a specially crafted Calc spreadsheet. (CVE-2014-3524)

  • A flaw in the OLE preview generation allows a remote attacker to embed arbitrary data into documents via specially crafted OLE objects. (CVE-2014-3575)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(77408);
  script_version("1.7");
  script_cvs_date("Date: 2018/07/16 14:09:15");

  script_cve_id("CVE-2014-3524", "CVE-2014-3575");
  script_bugtraq_id(69351, 69354);

  script_name(english:"Apache OpenOffice < 4.1.1 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of Apache OpenOffice.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has an application installed that is affected
by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Apache OpenOffice installed on the remote host is a
version prior to 4.1.1. It is, therefore, affected by the following
vulnerabilities :

  - An unspecified flaw allows remote attackers to execute
    arbitrary commands via a specially crafted Calc
    spreadsheet. (CVE-2014-3524)

  - A flaw in the OLE preview generation allows a remote
    attacker to embed arbitrary data into documents via
    specially crafted OLE objects. (CVE-2014-3575)");
  script_set_attribute(attribute:"see_also", value:"https://www.openoffice.org/security/cves/CVE-2014-3524.html");
  script_set_attribute(attribute:"see_also", value:"https://www.openoffice.org/security/cves/CVE-2014-3575.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to Apache OpenOffice version 4.1.1 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/08/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/08/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apache:openoffice");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  script_dependencies("openoffice_installed.nasl");
  script_require_keys("SMB/OpenOffice/Build");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

app = "Apache OpenOffice";
build = get_kb_item_or_exit("SMB/OpenOffice/Build");
path  = get_kb_item("SMB/OpenOffice/Path");
version_ui = get_kb_item("SMB/OpenOffice/Version_UI");

matches = eregmatch(string:build, pattern:"([0-9]+[a-z][0-9]+)\(Build:([0-9]+)\)");
if (isnull(matches)) audit(AUDIT_VER_FAIL, app);

buildid = int(matches[2]);
if (buildid <= 9764)
{
  port = get_kb_item("SMB/transport");
  if (!port) port = 445;

  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version_ui +
      '\n  Fixed version     : 4.1.1 (411m6 / build 9775)' +
      '\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
  exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app, version_ui, path);
VendorProductVersionCPE
apacheopenofficecpe:/a:apache:openoffice

Related

openvas 12
nessus 15
ubuntu 2
fedora 1
ubuntucve 2
mageia 3
securityvulns 6
cvelist 2
nvd 2
cve 2
freebsd 1
prion 2
ibm 1
hackerone 1
suse 2
oraclelinux 1
redhat 1
centos 1
gentoo 1
openvas
openvas
Apache OpenOffice Multiple Vulnerabilities -01 (May 2015) - Mac OS X
2015-06-01 00:00:00
Apache OpenOffice Multiple Vulnerabilities (Apr 2015) - Windows
2015-04-09 00:00:00
Fedora Update for libreoffice FEDORA-2014-10732
2014-09-14 00:00:00
nessus
nessus
LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities
2014-12-17 00:00:00
LibreOffice 4.x < 4.2.6-secfix (4.2.6.3) Multiple Vulnerabilities
2014-12-17 00:00:00
FreeBSD : openoffice -- information disclosure vulnerability (ab947396-9018-11e6-a590-14dae9d210b8)
2016-10-12 00:00:00
ubuntu
ubuntu
LibreOffice vulnerability
2014-11-10 00:00:00
LibreOffice vulnerability
2014-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libreoffice-4.2.6.3-3.fc20
2014-09-14 03:27:11
ubuntucve
ubuntucve
CVE-2014-3575
2014-08-26 00:00:00
CVE-2014-3524
2014-08-26 00:00:00
mageia
mageia
Updated libreoffice packages fix security vulnerability
2014-11-14 04:24:42
Updated libreoffice packages fix security vulnerabilities
2014-11-14 04:24:42
Updated openssl packages fix security vulnerabilities
2015-01-11 22:54:28
securityvulns
securityvulns
[USN-2400-1] LibreOffice vulnerability
2014-11-24 00:00:00
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects
2014-08-24 00:00:00
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability
2014-08-24 00:00:00
cvelist
cvelist
CVE-2014-3575
2014-08-27 00:00:00
CVE-2014-3524
2014-08-26 14:00:00
nvd
nvd
CVE-2014-3575
2014-08-27 00:55:04
CVE-2014-3524
2014-08-26 14:55:05
cve
cve
CVE-2014-3575
2014-08-27 00:55:04
CVE-2014-3524
2014-08-26 14:55:05
freebsd
freebsd
openoffice -- information disclosure vulnerability
2014-08-21 00:00:00
prion
prion
Design/Logic Flaw
2014-08-27 00:55:00
Design/Logic Flaw
2014-08-26 14:55:00
ibm
ibm
Security Bulletin: CVE-2014-3524 CSV Injection in reports
2020-07-24 21:16:35
hackerone
hackerone
Consensys: CSV Injection at https://assets-paris-demo.codefi.network/
2022-10-25 08:59:53
suse
suse
LibreOffice: two security fixes (important)
2014-09-15 09:04:13
Security update for LibreOffice (important)
2014-09-11 15:04:17
oraclelinux
oraclelinux
libreoffice security, bug fix, and enhancement update
2015-03-11 00:00:00
redhat
redhat
(RHSA-2015:0377) Moderate: libreoffice security, bug fix, and enhancement update
2015-03-05 05:43:01
centos
centos
autocorr, libabw, libcmis, libetonyek, libfreehand, liblangtag, libmwaw, libodfgen, libreoffice, mdds security update
2015-03-17 13:28:31
gentoo
gentoo
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-03-09 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.6%

JSON
Related for OPENOFFICE_411.NASL
openvas12nessus15ubuntu2fedora1ubuntucve2mageia3securityvulns6cvelist2nvd2cve2freebsd1prion2ibm1hackerone1suse2oraclelinux1redhat1centos1gentoo1