{
  "threat_severity" : "Moderate",
  "public_date" : "2014-11-05T00:00:00Z",
  "bugzilla" : {
    "description" : "libreoffice: Use-After-Free in socket manager of Impress Remote",
    "id" : "1164733",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1164733"
  },
  "cvss" : {
    "cvss_base_score" : "5.1",
    "cvss_scoring_vector" : "AV:N/AC:H/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.", "A use-after-free flaw was found in the \"Remote Control\" capabilities of the LibreOffice Impress application. An attacker could use this flaw to remotely execute code with the permissions of the user running LibreOffice Impress." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libabw-0:0.0.2-1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libcmis-0:0.4.1-5.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libetonyek-0:0.0.4-2.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libfreehand-0:0.0.0-3.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "liblangtag-0:0.5.4-8.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libmwaw-0:0.2.0-4.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libodfgen-0:0.0.4-1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "libreoffice-1:4.2.6.3-5.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0377",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "mdds-0:0.10.3-1.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "libreoffice",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-3693\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-3693\nhttp://www.libreoffice.org/about-us/security/advisories/cve-2014-3693" ],
  "name" : "CVE-2014-3693",
  "csaw" : false
}