LibreOffice 4.x < 4.2.7 Impress Remote RCE

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by a
use-after-free memory vulnerability.

Description :

A version of LibreOffice is installed on the remote Windows host that
is 4.x prior to 4.2.7. It is, therefore, affected by a use-after-free
vulnerability related to the Impress Remote socket manager that allows
denial of service attacks or arbitrary code execution by means of a
specially crafted TCP request that causes already freed memory to be
dereferenced.

Note that Nessus has not attempted to exploit this issue but has
instead relied only on the application's self-reported version number.

See also :

http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/

Solution :

Upgrade to LibreOffice version 4.2.7 (4.2.7.2) or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 80079 ()

Bugtraq ID: 71351

CVE ID: CVE-2014-3693

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now