4.3

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheOpenoffice Version < 4.1.1
LibreofficeLibreoffice Version < 4.2.6
LibreofficeLibreoffice Version >= 4.3.0 < 4.3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.86% 0.95
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://rhn.redhat.com/errata/RHSA-2015-0377.html
Third Party Advisory
http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/
Vendor Advisory
http://secunia.com/advisories/59600
Broken Link
http://secunia.com/advisories/59877
Broken Link
https://security.gentoo.org/glsa/201603-05
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html
Broken Link
http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html
Third Party Advisory
Mailing List
http://www.openoffice.org/security/cves/CVE-2014-3575.html
Vendor Advisory
http://www.securityfocus.com/bid/69354
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id/1030754
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95420
Third Party Advisory
VDB Entry