LibreOffice 4.3.x < 4.3.1 Multiple Vulnerabilities

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote host contains an application that is affected by multiple

Description :

A version of LibreOffice is installed on the remote Windows host that
is 4.3.x prior to 4.3.1. It is, therefore, affected by the following
vulnerabilities :

- An input-validation error exists related to handling
Calc spreadsheets that allows arbitrary command
execution. (CVE-2014-3524)

- An input-validation error exists related to 'Update
Links' prompt handling that allows information
disclosure via improperly included OLE2 previews.

Note that Nessus has not attempted to exploit these issues but has
instead relied only on the application's self-reported version number.

See also :

Solution :

Upgrade to LibreOffice version 4.3.1 ( or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 80080 ()

Bugtraq ID: 69351

CVE ID: CVE-2014-3524

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now