Executive Summary
Summary | |
---|---|
Title | openoffice.org security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0175 | First vendor Publication | 2008-04-17 |
Vendor | RedHat | Last vendor Modification | 2008-04-17 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 3. Description: OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 435675 - CVE-2007-5746 openoffice.org: EMF files parsing EMR_BITBLT record heap overflows 435676 - CVE-2008-0320 openoffice.org: OLE files parsing heap overflows 435678 - CVE-2007-5745 openoffice.org: Quattro Pro files handling heap overflows in Attribute and Font records 435681 - CVE-2007-5747 openoffice.org: Quattro Pro files parsing integer underflow |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0175.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17630 | |||
Oval ID: | oval:org.mitre.oval:def:17630 | ||
Title: | USN-609-1 -- hsqldb, openoffice.org/-amd64 vulnerabilities | ||
Description: | It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-609-1 CVE-2007-4575 CVE-2007-5745 CVE-2007-5746 CVE-2007-5747 CVE-2008-0320 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | hsqldb openoffice.org openoffice.org-amd64 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18730 | |||
Oval ID: | oval:org.mitre.oval:def:18730 | ||
Title: | DSA-1547-1 openoffice.org | ||
Description: | Several security related problems have been discovered in OpenOffice.org, the free office suite. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1547-1 CVE-2007-5745 CVE-2007-5746 CVE-2007-5747 CVE-2008-0320 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | openoffice.org |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
OpenOffice OLE importer DocumentSummaryInformation buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2012-05-25 | OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org) File : nvt/gb_mandriva_MDVSA_2008_095.nasl |
2009-03-23 | Name : Ubuntu Update for hsqldb, openoffice.org/-amd64 vulnerabilities USN-609-1 File : nvt/gb_ubuntu_USN_609_1.nasl |
2009-03-06 | Name : RedHat Update for openoffice.org RHSA-2008:0175-01 File : nvt/gb_RHSA-2008_0175-01_openoffice.org.nasl |
2009-03-06 | Name : RedHat Update for openoffice.org RHSA-2008:0176-01 File : nvt/gb_RHSA-2008_0176-01_openoffice.org.nasl |
2009-02-27 | Name : CentOS Update for openoffice.org2-base CESA-2008:0175 centos4 i386 File : nvt/gb_CESA-2008_0175_openoffice.org2-base_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for openoffice.org2-base CESA-2008:0175 centos4 x86_64 File : nvt/gb_CESA-2008_0175_openoffice.org2-base_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for openoffice.org CESA-2008:0176 centos3 i386 File : nvt/gb_CESA-2008_0176_openoffice.org_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for openoffice.org CESA-2008:0176 centos3 x86_64 File : nvt/gb_CESA-2008_0176_openoffice.org_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for openoffice.org CESA-2008:0176 centos4 i386 File : nvt/gb_CESA-2008_0176_openoffice.org_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for openoffice.org CESA-2008:0176 centos4 x86_64 File : nvt/gb_CESA-2008_0176_openoffice.org_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for openoffice.org FEDORA-2008-3251 File : nvt/gb_fedora_2008_3251_openoffice.org_fc8.nasl |
2009-02-17 | Name : Fedora Update for openoffice.org FEDORA-2008-9333 File : nvt/gb_fedora_2008_9333_openoffice.org_fc8.nasl |
2009-02-17 | Name : Fedora Update for openoffice.org FEDORA-2008-7531 File : nvt/gb_fedora_2008_7531_openoffice.org_fc8.nasl |
2009-02-17 | Name : Fedora Update for openoffice.org FEDORA-2008-5247 File : nvt/gb_fedora_2008_5247_openoffice.org_fc8.nasl |
2009-02-17 | Name : Fedora Update for openoffice.org FEDORA-2008-5239 File : nvt/gb_fedora_2008_5239_openoffice.org_fc7.nasl |
2009-02-17 | Name : Fedora Update for openoffice.org FEDORA-2008-4104 File : nvt/gb_fedora_2008_4104_openoffice.org_fc7.nasl |
2009-01-23 | Name : SuSE Update for OpenOffice_org SUSE-SA:2008:023 File : nvt/gb_suse_2008_023.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-16 (openoffice openoffice-bin) File : nvt/glsa_200805_16.nasl |
2008-04-21 | Name : Debian Security Advisory DSA 1547-1 (openoffice.org) File : nvt/deb_1547_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44472 | OpenOffice.org (OOo) OLE Importer DocumentSummaryInformation Stream Handling ... |
44471 | OpenOffice.org (OOo) Quattro Pro (QPRO) File Crafted Value Processing Overflow |
44470 | OpenOffice.org (OOo) EMF File EMR_STRETCHBLT Record Handling Overflow |
44469 | OpenOffice.org (OOo) Quattro Pro (QPRO) File Multiple Record Handling Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-14 | Microsoft emf file download request RuleID : 33740-community - Revision : 2 - Type : FILE-IMAGE |
2015-04-10 | Microsoft emf file download request RuleID : 33740 - Revision : 2 - Type : FILE-IMAGE |
2014-01-10 | Microsoft Office Excel FngGroupCount record overflow attempt RuleID : 27634 - Revision : 2 - Type : FILE-OFFICE |
2014-01-10 | OpenOffice OLE File Stream Buffer Overflow attempt RuleID : 26453 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft emf file download request RuleID : 2435-community - Revision : 33 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft emf file download request RuleID : 2435 - Revision : 33 - Type : FILE-IDENTIFY |
2014-01-10 | EMF corruption attempt RuleID : 23105 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | EMF corruption attempt RuleID : 23095 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | EMF corruption attempt RuleID : 23094 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | EMF corruption attempt RuleID : 23093 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | EMF corruption attempt RuleID : 23092 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | EMF corruption attempt RuleID : 23091 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | OpenOffice OLE file stream buffer overflow attempt RuleID : 17315 - Revision : 14 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0176.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080417_openoffice_org2_on_SL4_5_and_4_6.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080417_openoffice_org_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080417_openoffice_org_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-095.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote Fedora host is missing a security update. File : fedora_2008-4104.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-16.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-609-1.nasl - Type : ACT_GATHER_INFO |
2008-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3251.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0175.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0176.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0175.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0176.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote openSUSE host is missing a security update. File : suse_OpenOffice_org-5053.nasl - Type : ACT_GATHER_INFO |
2008-04-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1547.nasl - Type : ACT_GATHER_INFO |
2008-04-17 | Name : The remote Windows host has a program that is affected by multiple vulnerabil... File : openoffice_240.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:30 |
|