Is LibreOffice vulnerable to Microsoft OLE-vulnerability

Caolán McNamara caolanm at redhat.com
Tue Oct 28 07:27:16 PDT 2014


On Sat, 2014-10-25 at 16:19 +0100, Michael Meeks wrote:
> On Sat, 2014-10-25 at 16:46 +0200, Simon Justesen wrote:
> > A few days ago, Microsoft issued this security advisory: 
> > https://technet.microsoft.com/library/security/3010060
> 
> 	Good question; its not been reported as a security issue to us; it
> looks like the fix is to various (almost all) versions of Windows, not
> Office.

3010060 is "CVE-2014-6352" which is apparently a variant of
"CVE-2014-4114". There are some reproducers for CVE-2014-4114, and as
far as I can tell CVE-2014-4114 doesn't affect us (at least when I
checked with what reproducers were available on Oct 21)

C.



More information about the LibreOffice mailing list