CVE-2014-3693

Published Nov 7, 2014

Last updated 2 years ago

CVSS info 7.5

Overview

Description: Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9107E38E-E815-4B0D-A4B2-14D4E046D8C3"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C783766-1340-4AEB-9822-EA175763A54D"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56B6659D-C29A-4F1D-B1D4-3DD439D8AFA9"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86953074-1B45-40A8-99F8-281B5666D1A6"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F60E30C7-DA1F-40BC-BF41-1D4A7C298ECC"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B8D6B9A-0FCC-4AAD-9AB9-0E51DCC7280B"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FA4F905-2CD3-4DC7-A448-686C8C66EB2D"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D49E9AE-8A66-44E8-9ED9-86AED2236B79"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDC93FD4-C720-4018-9AEF-496EFF718257"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B760AC5-EB16-4FD1-8099-50A4C12B6D06"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65E02231-DACA-4750-BFAB-680A529F7B5A"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F7DC987-8802-4B00-804B-50AA41A6D1FD"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9BE7094-E163-49D0-BC53-1B706C96B73F"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49AA7F09-9550-495E-B325-DBC5EB5E4FC4"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C8FD3B3-9C32-4177-AC13-B74E0D553F00"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "868731BE-8CD3-4C18-80E3-753A95187B6C"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "978F7E8B-0224-43DC-8818-4BE298E45D16"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F263182-1B6D-4CB8-BB62-91A52C926E91"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8BCD6C8-8FCD-4FBC-806B-21A96E2FC5A7"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D1551AC-D6AB-4FCF-B097-76F98F7D8B56"
          },
          {
            "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7A184C9-F26A-4A5C-9834-6639D6D19B53"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References