CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
References
Link Resource
http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html Broken Link
http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0377.html Third Party Advisory
http://secunia.com/advisories/59600 Broken Link
http://secunia.com/advisories/59877 Broken Link
http://www.openoffice.org/security/cves/CVE-2014-3575.html Vendor Advisory
http://www.securityfocus.com/bid/69354 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030754 Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 Third Party Advisory VDB Entry
https://security.gentoo.org/glsa/201603-05 Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html Broken Link
http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0377.html Third Party Advisory
http://secunia.com/advisories/59600 Broken Link
http://secunia.com/advisories/59877 Broken Link
http://www.openoffice.org/security/cves/CVE-2014-3575.html Vendor Advisory
http://www.securityfocus.com/bid/69354 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030754 Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 Third Party Advisory VDB Entry
https://security.gentoo.org/glsa/201603-05 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*
cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:08

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html - Broken Link () http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html - Broken Link
References () http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ - Vendor Advisory () http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ - Vendor Advisory
References () http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html - Mailing List, Third Party Advisory () http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html - Mailing List, Third Party Advisory
References () http://rhn.redhat.com/errata/RHSA-2015-0377.html - Third Party Advisory () http://rhn.redhat.com/errata/RHSA-2015-0377.html - Third Party Advisory
References () http://secunia.com/advisories/59600 - Broken Link () http://secunia.com/advisories/59600 - Broken Link
References () http://secunia.com/advisories/59877 - Broken Link () http://secunia.com/advisories/59877 - Broken Link
References () http://www.openoffice.org/security/cves/CVE-2014-3575.html - Vendor Advisory () http://www.openoffice.org/security/cves/CVE-2014-3575.html - Vendor Advisory
References () http://www.securityfocus.com/bid/69354 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/69354 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1030754 - Broken Link, Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1030754 - Broken Link, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 - Third Party Advisory, VDB Entry
References () https://security.gentoo.org/glsa/201603-05 - Third Party Advisory () https://security.gentoo.org/glsa/201603-05 - Third Party Advisory

Information

Published : 2014-08-27 00:55

Updated : 2024-11-21 02:08


NVD link : CVE-2014-3575

Mitre link : CVE-2014-3575

CVE.ORG link : CVE-2014-3575


JSON object : View

Products Affected

redhat

  • enterprise_linux_server
  • enterprise_linux_desktop
  • enterprise_linux_workstation

libreoffice

  • libreoffice

apache

  • openoffice
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor