21 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org OOo might allow remote attackers to embed arbitrary data into documents via...
SUSE CVE-2014-3575
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org OOo might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...
Mageia: Security Advisory (MGASA-2014-0447)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0446)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0022)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : openoffice -- information disclosure vulnerability (ab947396-9018-11e6-a590-14dae9d210b8)
Apache reports : The exposure exploits the way OLE previews are generated to embed arbitrary file data into a specially crafted document when it is opened. Data exposure is possible if the updated document is distributed to other parties. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Oracle: Security Advisory (ELSA-2015-0377)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache OpenOffice Multiple Vulnerabilities -01 (May 2015) - Mac OS X
Apache OpenOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:openoffice";...
Apache OpenOffice Multiple Vulnerabilities (Apr 2015) - Windows
Apache OpenOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:openoffice";...
Scientific Linux Security Update : libreoffice on SL7.x x86_64 (20150305)
It was found that LibreOffice documents executed macros unconditionally, without user approval, when these documents were opened using LibreOffice. An attacker could use this flaw to execute arbitrary code as the user running LibreOffice by embedding malicious VBA scripts in the document as macro...
Moderate: Red Hat Security Advisory: libreoffice security, bug fix, and enhancement update
Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...
RHEL 7 : libreoffice (RHSA-2015:0377)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0377 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...
LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities
A version of LibreOffice is installed on the remote Windows host that is 4.3.x prior to 4.3.1. It is, therefore, affected by the following vulnerabilities : - An input-validation error exists related to handling Calc spreadsheets that allows arbitrary command execution. CVE-2014-3524 - An...
LibreOffice 4.x < 4.2.6-secfix (4.2.6.3) Multiple Vulnerabilities
A version of LibreOffice is installed on the remote Windows host that is 4.x prior to 4.2.6-secfix 4.2.6.3. It is, therefore, affected by the following vulnerabilities : - An input-validation error exists related to handling Calc spreadsheets that allows arbitrary command execution. CVE-2014-3524...
Updated libreoffice packages fix security vulnerabilities
It was discovered during routine code review that LibreOffice unconditionally executed certain VBA macros on loading Microsoft Office documents, contrary to user expectations CVE-2014-0247. A vulnerability in LibreOffice allows an attacker to send a document which when opened will trigger the...
openSUSE Security Update : LibreOffice (openSUSE-SU-2014:1126-1)
This update fixes memory corruption vulnerability in DOCM import and data exposure using crafted OLE objects. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-540. The text...
SuSE 11.3 Security Update : LibreOffice (SAT Patch Number 9677)
LibreOffice was updated to version 4.0.3.3.26. SUSE 4.0-patch26, tag suse-4.0-26, based on upstream 4.0.3.3. Two security issues have been fixed : - DOCM memory corruption vulnerability. CVE-2013-4156, bnc831578 - Data exposure using crafted OLE objects. CVE-2014-3575, bnc893141 The following...
CVE-2014-3575
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org OOo might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...
CVE-2014-3575
CVE-2014-3575 affects OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org, enabling remote attackers to embed arbitrary data into documents via crafted OLE objects. Connected advisories corroborate this OLE-generation flaw and its association with OpenOffice/LibreOffice su...
Apache OpenOffice < 4.1.1 Multiple Vulnerabilities
The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.1. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw allows remote attackers to execute arbitrary commands via a specially crafted Calc spreadsheet. CVE-2014-3524 - A flaw in...