21 matches found
Mageia: Security Advisory (MGASA-2014-0505)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-0377)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : libreoffice on SL7.x x86_64 (20150305)
It was found that LibreOffice documents executed macros unconditionally, without user approval, when these documents were opened using LibreOffice. An attacker could use this flaw to execute arbitrary code as the user running LibreOffice by embedding malicious VBA scripts in the document as macro...
Oracle Linux 7 : libreoffice (ELSA-2015-0377)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0377 advisory. - CVE-2014-3693: Disable sdremote by default and improve flow control Tenable has extracted the preceding description block directly from the Oracle...
libreoffice security, bug fix, and enhancement update
libabw 0.0.2-1 - new upstream release 0.0.2 - generate man pages for the tools 0.0.1-1 - new upstream release libcmis 0.4.1-5 - Related: rhbz1132065 coverity: fix mismatching exceptions 0.4.1-4 - a few use-after-free fixes for the C wrapper 0.4.1-3 - Resolves: rhbz1132065 rebase to 0.4.1 libetony...
Moderate: Red Hat Security Advisory: libreoffice security, bug fix, and enhancement update
Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...
RHEL 7 : libreoffice (RHSA-2015:0377)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0377 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...
LibreOffice 4.x < 4.2.7 Impress Remote RCE
A version of LibreOffice is installed on the remote Windows host that is 4.x prior to 4.2.7. It is, therefore, affected by a use-after-free vulnerability related to the Impress Remote socket manager that allows denial of service attacks or arbitrary code execution by means of a specially crafted...
LibreOffice 4.3.x < 4.3.3 Impress Remote RCE
A version of LibreOffice is installed on the remote Windows host that is 4.3.x prior to 4.3.3. It is, therefore, affected by a use-after-free vulnerability related to the Impress Remote socket manager that allows denial of service attacks or arbitrary code execution by means of a specially crafte...
Updated libreoffice packages fix security vulnerability
"Document as E-mail" vulnerability bnc900218. It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2014-3693...
SuSE 11.3 Security Update : LibreOffice (SAT Patch Number 10001)
LibreOffice was updated to fix two security issues. These security issues have been fixed : - 'Document as E-mail' vulnerability. bnc900218 - Impress remote control use-after-free vulnerability. CVE-2014-3693 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : libreoffice (openSUSE-SU-2014:1443-1)
libreoffice was updated to version 4.3.3 to fix two security issues : These security issues were fixed : - 'Document as E-mail' vulnerability bnc900218. - Impress remote control use-after-free vulnerability CVE-2014-3693. Various other fixes are included in the update. %NASLMINLEVEL 70300 C Tenab...
LibreOffice Impress Remote Socket Manager RCE Vulnerability (Nov 2014) - Mac OS X
LibreOffice is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
LibreOffice Impress Remote Control Use After Free (CVE-2014-3693)
A use after free vulnerability exists in LibreOffice Impress. The vulnerability is due to an error in the code managing remote control port. A remote unauthenticated attacker can exploit this vulnerability by sending crafted data to the affected port. Successful exploitation will result in...
openSUSE Security Update : libreoffice (openSUSE-SU-2014:1412-1)
libreoffice was updated to fix two security issues. These security issues were fixed : - 'Document as E-mail' vulnerability bnc900218. - Impress Remote Control Use-after-Free Vulnerability CVE-2014-3693. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
CVE-2014-3693
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted request to TCP port 1599...
CVE-2014-3693
CVE-2014-3693 affects LibreOffice Impress Remote in LibreOffice 4.x, where a use-after-free in the socket manager allows a remote attacker to crash the process or potentially execute arbitrary code via a crafted request to TCP port 1599. The issue affects LibreOffice 4.x before 4.2.7 and 4.3.x be...
CVE-2014-3693
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted request to TCP port 1599...
CVE-2014-3693
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted request to TCP port 1599...
[BSA-099] Security update for libreofice
Rene Engelhard uploaded new packages for libreoffice which fixed the following security problems: CVE-2014-3693: Use-After-Free in socket manager of Impress Remote It was discovered that LibreOffice 4.0.0 and later does not manage the port 1599 for the LibreOffice Impress correctly. An external...