Is CVE-2014-0247 being actively exploited?

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 4%.

What products does CVE-2014-0247 affect?

Tracked products affected include LibreOffice. Check the version you run to see whether it is affected.

How do I fix CVE-2014-0247?

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2014-0247

Q: What is CVE-2014-0247?

CVE-2014-0247 is a high-severity software vulnerability with a CVSS score of 10. LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.

HIGH severity · CVSS 10

10CVSS HIGH

Summary

LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges required—

User interaction—

Confidentiality impact—

Integrity impact—

Availability impact—

Exploit probability (EPSS)4%

AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected products we track (1)

LibreOffice

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

NVD record
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.htmlAdvisory
http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.htmlAdvisory
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.htmlAdvisory
http://rhn.redhat.com/errata/RHSA-2015-0377.htmlAdvisory
http://secunia.com/advisories/57383
http://secunia.com/advisories/59330
http://secunia.com/advisories/60799
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xmlAdvisory