PublicDateAtUSN: 2014-11-05
Candidate: CVE-2014-3693
CRD: 2014-11-05
PublicDate: 2014-11-07 19:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3693
 https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/
 https://ubuntu.com/security/notices/USN-2398-1
Description:
 Use-after-free vulnerability in the socket manager of Impress Remote in
 LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers
 to cause a denial of service (crash) or possibly execute arbitrary code via
 a crafted request to TCP port 1599.
Ubuntu-Description: 
Notes: 
 mdeslaur> 4.x and later
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS: 

Patches_openoffice.org:
upstream_openoffice.org: needs-triage
lucid_openoffice.org: ignored (reached end-of-life)
precise_openoffice.org: not-affected (transitional packages)
trusty_openoffice.org: DNE
trusty/esm_openoffice.org: DNE
utopic_openoffice.org: DNE
devel_openoffice.org: DNE

Patches_libreoffice:
upstream_libreoffice: released (4.3.3,4.2.7)
lucid_libreoffice: DNE
precise_libreoffice: not-affected (1:3.5.7-0ubuntu6.1)
trusty_libreoffice: released (1:4.2.7-0ubuntu1)
trusty/esm_libreoffice: DNE (trusty was released [1:4.2.7-0ubuntu1])
utopic_libreoffice: released (1:4.3.3-0ubuntu1)
devel_libreoffice: released (1:4.3.3-0ubuntu2)