LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fedora | Fedoraproject | 19 (including) | 19 (including) |
| Red Hat Enterprise Linux 7 | RedHat | libabw-0:0.0.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libcmis-0:0.4.1-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libetonyek-0:0.0.4-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libfreehand-0:0.0.0-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | liblangtag-0:0.5.4-8.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libmwaw-0:0.2.0-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libodfgen-0:0.0.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libreoffice-1:4.2.6.3-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | mdds-0:0.10.3-1.el7 | * |
| Libreoffice | Ubuntu | devel | * |
| Libreoffice | Ubuntu | saucy | * |
| Libreoffice | Ubuntu | trusty | * |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html
- http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html
- http://rhn.redhat.com/errata/RHSA-2015-0377.html
- http://secunia.com/advisories/57383
- http://secunia.com/advisories/59330
- http://secunia.com/advisories/60799
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://www.securityfocus.com/bid/68151
- http://www.ubuntu.com/usn/USN-2253-1
- https://bugs.mageia.org/show_bug.cgi?id=13580
- https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81
- https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/
- http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html
- http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html
- http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html
- http://rhn.redhat.com/errata/RHSA-2015-0377.html
- http://secunia.com/advisories/57383
- http://secunia.com/advisories/59330
- http://secunia.com/advisories/60799
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://www.securityfocus.com/bid/68151
- http://www.ubuntu.com/usn/USN-2253-1
- https://bugs.mageia.org/show_bug.cgi?id=13580
- https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81
- https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/