Bug 1164733 (CVE-2014-3693)
Summary: | CVE-2014-3693 libreoffice: Use-After-Free in socket manager of Impress Remote | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Huzaifa S. Sidhpurwala <huzaifas> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | caolanm, dtardon, erack, jgrulich, sbergman |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
A use-after-free flaw was found in the "Remote Control" capabilities of the LibreOffice Impress application. An attacker could use this flaw to remotely execute code with the permissions of the user running LibreOffice Impress.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-20 10:47:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1164736, 1167503 | ||
Bug Blocks: | 1121513, 1160961 |
Description
Huzaifa S. Sidhpurwala
2014-11-17 09:19:08 UTC
Created libreoffice tracking bugs for this issue: Affects: fedora-all [bug 1167503] Statement: This issue affects the versions of libreoffice as shipped with Red Hat Enterprise Linux 6. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. Upstream patch: http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-4-3&id=3d0cffab8d06a0f8af6c0ed7a95728203080a7c5 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:0377 https://rhn.redhat.com/errata/RHSA-2015-0377.html |