Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3575 to the following vulnerability: Name: CVE-2014-3575 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3575 Assigned: 20140514 Reference: BUGTRAQ:20140821 CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects Reference: http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html Reference: SECTRACK:1030754 Reference: http://www.securitytracker.com/id/1030754 Reference: XF:apache-openoffice-cve20143575-info-disc(95420) Reference: http://xforce.iss.net/xforce/xfdb/95420 The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
Created libreoffice tracking bugs for this issue: Affects: fedora-all [bug 1139592]
As per the upstream advisory: The vulnerability allows an attacker to send a document which when opened will trigger the prompt to "Update Links" but if the user cancels that prompt may still generate and insert into the document an OLE2 preview image of a file on the victims filesystem, Data exposure is possible if the updated document is then distributed to other parties. Reference: http://www.libreoffice.org/about-us/security/advisories/cve-2014-3575/
Mitigation: - Whenever possible, exercise caution when opening documents sent by unknown/untrusted parties. - If "Update Links" dialog is seen, when opening a document, do not send this document to others, since it may be possible that local files got attached to the document. (The exploit only works when the document is sent over to the attacker after opening it on your system using LibreOffice/OpenOffice)
Statement: This issue affects the version of OpenOffice.org as shipped in Red Hat Enterprise Linux 5, and the version of LibreOffice as shipped in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this issue as having Moderate security impact and is not planned to be addressed in any future updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:0377 https://rhn.redhat.com/errata/RHSA-2015-0377.html