CVE-2014-3575
Redhat Enterprise Linux Desktop < 4.1.1 - Information Disclosure
Title source: ruleDescription
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
References (11)
Core 11
Core References
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/69354
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95420
Vendor Advisory x_refsource_confirm
http://www.openoffice.org/security/cves/CVE-2014-3575.html
Vendor Advisory x_refsource_confirm
http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0377.html
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59877
Broken Link mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201603-05
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/59600
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030754
Scores
EPSS
0.0987
EPSS Percentile
93.1%
Details
CWE
CWE-200
Status
published
Products (5)
apache/openoffice
< 4.1.1
libreoffice/libreoffice
< 4.2.6
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_workstation
7.0
Published
Aug 27, 2014
Tracked Since
Feb 18, 2026