Executive Summary

Summary
Title New OpenOffice.org packages fix several vulnerabilities
Informations
Name DSA-1104 First vendor Publication 2006-06-30
Vendor Debian Last vendor Modification 2006-06-30
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.6 Attack Range Network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in OpenOffice.org, a free office suite. The Common Vulnerabilities and Exposures Project identifies the following problems:

CVE-2006-2198

It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction.

CVE-2006-2199

It is possible to evade the Java sandbox with specially crafted Java applets.

CVE-2006-3117

Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code.

This update has the Mozilla component disabled, so that the Mozilla/LDAP adressbook feature won't work anymore. It didn't work on anything else than i386 on sarge either.

The old stable distribution (woody) does not contain OpenOffice.org packages.

For the stable distribution (sarge) this problem has been fixed in version 1.1.3-9sarge2.

For the unstable distribution (sid) this problem has been fixed in version 2.0.3-1.

We recommend that you upgrade your OpenOffice.org packages.

Original Source

Url : http://www.debian.org/security/2006/dsa-1104

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-264 Permissions, Privileges, and Access Controls
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11082
 
Oval ID: oval:org.mitre.oval:def:11082
Title: OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
Description: OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
Family: unix Class: vulnerability
Reference(s): CVE-2006-2198
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11338
 
Oval ID: oval:org.mitre.oval:def:11338
Title: Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
Description: Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
Family: unix Class: vulnerability
Reference(s): CVE-2006-2199
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9704
 
Oval ID: oval:org.mitre.oval:def:9704
Title: Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
Description: Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
Family: unix Class: vulnerability
Reference(s): CVE-2006-3117
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 23
Application 3

OpenVAS Exploits

Date Description
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-005 (FC5)
File : nvt/gb_fedora_2007_005_openoffice.org_fc5.nasl
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-005 FC(6)
File : nvt/gb_fedora_2007_005_openoffice.org_fc6.nasl
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-375
File : nvt/gb_fedora_2007_375_openoffice.org_fc5.nasl
2009-02-27 Name : Fedora Update for openoffice.org FEDORA-2007-606
File : nvt/gb_fedora_2007_606_openoffice.org_fc5.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200607-12 (OpenOffice.org)
File : nvt/glsa_200607_12.nasl
2008-01-17 Name : Debian Security Advisory DSA 1104-1 (openoffice.org)
File : nvt/deb_1104_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1104-2 (openoffice.org)
File : nvt/deb_1104_2.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
26945 OpenOffice.org (OOo) Writer XML Document Processing Overflow
26944 OpenOffice.org (OOo) Math XML Document Processing Overflow
26943 OpenOffice.org (OOo) Impress XML Document Processing Overflow
26942 OpenOffice.org (OOo) Draw XML Document Processing Overflow
26941 OpenOffice.org (OOo) Calc XML Document Processing Overflow
26940 OpenOffice.org (OOo) Document BASIC Macro Arbitrary Command Execution
26939 OpenOffice.org (OOo) Java Applets Unspecified Privilege Escalation

Nessus® Vulnerability Scanner

Date Description
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-313-1.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-313-2.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_OpenOffice_org-1698.nasl - Type : ACT_GATHER_INFO
2007-02-18 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2006_040.nasl - Type : ACT_GATHER_INFO
2007-01-17 Name : The remote Fedora Core host is missing a security update.
File : fedora_2006-764.nasl - Type : ACT_GATHER_INFO
2007-01-17 Name : The remote Fedora Core host is missing a security update.
File : fedora_2006-770.nasl - Type : ACT_GATHER_INFO
2007-01-17 Name : The remote Fedora Core host is missing one or more security updates.
File : fedora_2007-005.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1104.nasl - Type : ACT_GATHER_INFO
2006-07-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200607-12.nasl - Type : ACT_GATHER_INFO
2006-07-10 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-118.nasl - Type : ACT_GATHER_INFO
2006-07-04 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2006-0573.nasl - Type : ACT_GATHER_INFO
2006-07-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0573.nasl - Type : ACT_GATHER_INFO
2006-06-30 Name : Arbitrary code can be executed on the remote host through OpenOffice.org.
File : openoffice_org_203.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:25:57
  • Multiple Updates