What is the severity of CVE-2014-3693?

CVE-2014-3693 is classified as a high-severity vulnerability due to its potential to cause denial of service or arbitrary code execution.

How do I fix CVE-2014-3693?

To fix CVE-2014-3693, it is recommended to update LibreOffice to version 4.2.7 or 4.3.3 or later.

What systems are affected by CVE-2014-3693?

CVE-2014-3693 affects multiple versions of LibreOffice and specific versions of Red Hat Enterprise Linux and Ubuntu.

What type of vulnerability is CVE-2014-3693?

CVE-2014-3693 is a use-after-free vulnerability that compromises the socket manager in LibreOffice.

Can CVE-2014-3693 allow remote attacks?

Yes, CVE-2014-3693 can be exploited by remote attackers to crash the system or potentially execute arbitrary code.

Vulnerability/
CVE-2014-3693

high

7.5

CWE

416

7/11/2014

6/8/2024

CVE-2014-3693: Use After Free

First published: Fri Nov 07 2014(Updated: )

Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat enterprise Linux desktop	=7.0
redhat enterprise Linux server	=7.0
redhat enterprise Linux workstation	=7.0
Ubuntu Linux	=14.04
Ubuntu Linux	=14.10
The Document Foundation LibreOffice	=4.0.0
The Document Foundation LibreOffice	=4.0.1
The Document Foundation LibreOffice	=4.0.2
The Document Foundation LibreOffice	=4.0.3
The Document Foundation LibreOffice	=4.0.3.3
The Document Foundation LibreOffice	=4.0.4.2
The Document Foundation LibreOffice	=4.1.0
The Document Foundation LibreOffice	=4.1.1
The Document Foundation LibreOffice	=4.1.2
The Document Foundation LibreOffice	=4.1.3
The Document Foundation LibreOffice	=4.1.4
The Document Foundation LibreOffice	=4.2.0
The Document Foundation LibreOffice	=4.2.1
The Document Foundation LibreOffice	=4.2.2
The Document Foundation LibreOffice	=4.2.3
The Document Foundation LibreOffice	=4.2.4
The Document Foundation LibreOffice	=4.2.5
The Document Foundation LibreOffice	=4.2.6
The Document Foundation LibreOffice	=4.3.0
The Document Foundation LibreOffice	=4.3.1
The Document Foundation LibreOffice	=4.3.2
openSUSE	=13.1

Remedy

http://www.ubuntu.com/usn/USN-2398-1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3693?
CVE-2014-3693 is classified as a high-severity vulnerability due to its potential to cause denial of service or arbitrary code execution.
How do I fix CVE-2014-3693?
To fix CVE-2014-3693, it is recommended to update LibreOffice to version 4.2.7 or 4.3.3 or later.
What systems are affected by CVE-2014-3693?
CVE-2014-3693 affects multiple versions of LibreOffice and specific versions of Red Hat Enterprise Linux and Ubuntu.
What type of vulnerability is CVE-2014-3693?
CVE-2014-3693 is a use-after-free vulnerability that compromises the socket manager in LibreOffice.
Can CVE-2014-3693 allow remote attacks?
Yes, CVE-2014-3693 can be exploited by remote attackers to crash the system or potentially execute arbitrary code.

agent/type
agent/references
agent/author
agent/severity
agent/weakness
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/redhat
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux server
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/7.0
vendor/canonical
canonical/ubuntu linux
version/ubuntu linux/14.04
version/ubuntu linux/14.10
vendor/libreoffice
canonical/the document foundation libreoffice
version/the document foundation libreoffice/4.0.0
version/the document foundation libreoffice/4.0.1
version/the document foundation libreoffice/4.0.2
version/the document foundation libreoffice/4.0.3
version/the document foundation libreoffice/4.0.3.3
version/the document foundation libreoffice/4.0.4.2
version/the document foundation libreoffice/4.1.0
version/the document foundation libreoffice/4.1.1
version/the document foundation libreoffice/4.1.2
version/the document foundation libreoffice/4.1.3
version/the document foundation libreoffice/4.1.4
version/the document foundation libreoffice/4.2.0
version/the document foundation libreoffice/4.2.1
version/the document foundation libreoffice/4.2.2
version/the document foundation libreoffice/4.2.3
version/the document foundation libreoffice/4.2.4
version/the document foundation libreoffice/4.2.5
version/the document foundation libreoffice/4.2.6
version/the document foundation libreoffice/4.3.0
version/the document foundation libreoffice/4.3.1
version/the document foundation libreoffice/4.3.2
vendor/opensuse
canonical/opensuse
version/opensuse/13.1

CVE-2014-3693: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3693?

How do I fix CVE-2014-3693?

What systems are affected by CVE-2014-3693?

What type of vulnerability is CVE-2014-3693?

Can CVE-2014-3693 allow remote attacks?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-3693?

How do I fix CVE-2014-3693?

What systems are affected by CVE-2014-3693?

What type of vulnerability is CVE-2014-3693?

Can CVE-2014-3693 allow remote attacks?