Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory |
http://secunia.com/advisories/62111 | |
http://secunia.com/advisories/62132 | |
http://secunia.com/advisories/62396 | |
http://www.securityfocus.com/bid/71351 | |
http://www.ubuntu.com/usn/USN-2398-1 | Patch Third Party Advisory |
https://security.gentoo.org/glsa/201603-05 | |
https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
13 Feb 2023, 00:42
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. |
02 Feb 2023, 20:18
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A use-after-free flaw was found in the "Remote Control" capabilities of the LibreOffice Impress application. An attacker could use this flaw to remotely execute code with the permissions of the user running LibreOffice Impress. |
Information
Published : 2014-11-07 19:55
Updated : 2023-12-10 11:31
NVD link : CVE-2014-3693
Mitre link : CVE-2014-3693
CVE.ORG link : CVE-2014-3693
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_workstation
- enterprise_linux_server
opensuse
- opensuse
libreoffice
- libreoffice
canonical
- ubuntu_linux
CWE