LibreOffice Unspecified Vulnerability Oct14 (Mac OS X) Network Vulnerability

Summary

This host is installed with LibreOffice and is prone to unspecified vulnerability.

Impact

Successful exploitation will allow attackers to bypass certain security restrictions and execute VBA script code without user approval. Impact Level: Application

Solution

Upgrade to LibreOffice 4.2.5 or later, For updates refer to http://www.libreoffice.org

Insight

Flaw exists due to the application not properly restricting VBA macros in the VBAProject element.

Affected

LibreOffice version 4.1.4/4.2.0 prior to 4.2.5 on Mac OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.com/108368
http://secunia.com/advisories/57383
https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0247

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities - November12 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)
Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Windows)

Take action and discover your vulnerabilities