Summary
This host is installed with LibreOffice
and is prone to unspecified vulnerability.
Impact
Successful exploitation will allow attackers
to bypass certain security restrictions and execute VBA script code without user approval.
Impact Level: Application
Solution
Upgrade to LibreOffice 4.2.5 or later,
For updates refer to http://www.libreoffice.org
Insight
Flaw exists due to the application not
properly restricting VBA macros in the VBAProject element.
Affected
LibreOffice version 4.1.4/4.2.0 prior
to 4.2.5 on Windows
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-0247 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
- Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)