9.3 - GLSA-200807-05

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	OpenOffice.org: User-assisted execution of arbitrary code

Informations
Name	GLSA-200807-05	First vendor Publication	2008-07-09
Vendor	Gentoo	Last vendor Modification	2008-07-09
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

An integer overflow vulnerability has been reported in OpenOffice.org.

Background

OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities.

Description

Sean Larsson (iDefense Labs) reported an integer overflow in the function rtl_allocateMemory() in the file sal/rtl/source/alloc_global.c.

Impact

A remote attacker could entice a user to open a specially crafted document, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application.

Workaround

There is no known workaround at this time.

Resolution

All OpenOffice.org users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/openoffice-2.4.1"

All OpenOffice.org binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/openoffice-bin-2.4.1"

References

[ 1 ] CVE-2008-2152 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2152

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200807-05.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-200807-05.xml

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22724

Oval ID:	oval:org.mitre.oval:def:22724
Title:	ELSA-2008:0537: openoffice.org security update (Important)
Description:	Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0537-01 CVE-2008-2152	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	openoffice.org openoffice.org2
Definition Synopsis:
Oracle Linux 5.x rpm test openoffice.org is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-xh_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tn_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-af_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ss_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tr_TR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-te_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-calc is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ml_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nl is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nn_NO is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ta_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-testtools is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nb_NO is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-headless is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-base is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-it is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-el_GR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-da_DK is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ca_ES is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-es is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cs_CZ is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-draw is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ar is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sl_SI is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nr_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-kn_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-as_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ts_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ja_JP is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_PT is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sk_SK is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-st_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_TW is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ru is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-xsltfilter is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cy_GB is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pa_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fi_FI is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bn is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ms_MY is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-he_IL is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-graphicfilter is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bg_BG is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-pyuno is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-writer is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_BR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hr_HR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pl_PL is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hi_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fr is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gu_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zu_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-math is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ur is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-core is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-impress is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-mr_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gl_ES is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-et_EE is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ko_KR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hu_HU is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nso_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sr_CS is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk-doc is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-or_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-eu_ES is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ve_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-emailmerge is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-javafilter is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-lt_LT is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-de is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ga_IE is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_CN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sv is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-th_TH is earlier than 1:2.3.0-6.5.1.el5_2

Definition Id: oval:org.mitre.oval:def:9787

Oval ID:	oval:org.mitre.oval:def:9787
Title:	Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Description:	Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-2152	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section openoffice.org-libs is earlier than 0:1.1.2-42.2.0.EL3 AND openoffice.org is earlier than 0:1.1.2-42.2.0.EL3 AND openoffice.org-i18n is earlier than 0:1.1.2-42.2.0.EL3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section openoffice.org2-langpack-lt_LT is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-nn_NO is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ga_IE is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-zh_CN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-javafilter is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-he_IL is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-draw is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ko_KR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ca_ES is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-base is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-fr is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org-libs is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org2-langpack-pa_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-da_DK is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-emailmerge is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-pt_PT is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-es is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sv is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ms_MY is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-cs_CZ is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-xsltfilter is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ja_JP is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-hu_HU is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-zh_TW is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sl_SI is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-de is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-pyuno is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2 is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-tr_TR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-impress is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-bn is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ar is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-pt_BR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-af_ZA is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-pl_PL is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-calc is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-zu_ZA is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-fi_FI is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sk_SK is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-hi_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-nb_NO is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-th_TH is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-et_EE is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-gl_ES is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-it is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-hr_HR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org-i18n is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org2-langpack-ta_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-gu_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-testtools is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org-kde is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org2-langpack-eu_ES is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-el_GR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-core is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ru is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-bg_BG is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-nl is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sr_CS is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-cy_GB is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-math is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-graphicfilter is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-writer is earlier than 0:2.0.4-5.7.0.5.0 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openoffice.org-langpack-sk_SK is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zu_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pa_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hi_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-et_EE is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-kn_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_TW is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-writer is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ve_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ga_IE is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ta_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ko_KR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-or_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-da_DK is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sr_CS is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pl_PL is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fr is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ts_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-javafilter is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-as_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-testtools is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hr_HR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-de is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-emailmerge is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-xsltfilter is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tn_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-te_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sv is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-base is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ca_ES is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nr_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-core is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nl is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ur is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nn_NO is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ar is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ja_JP is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gu_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tr_TR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-eu_ES is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fi_FI is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-graphicfilter is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-pyuno is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ml_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gl_ES is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk-doc is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_CN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-xh_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-it is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-es is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nb_NO is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sl_SI is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-draw is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nso_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ms_MY is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-el_GR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hu_HU is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ss_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bn is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-he_IL is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_PT is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-lt_LT is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-af_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bg_BG is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-calc is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cs_CZ is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cy_GB is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-mr_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-headless is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-th_TH is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_BR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ru is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-math is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-impress is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-st_ZA is earlier than 0:2.3.0-6.5.1.el5_2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openoffice Openoffice.Org cpe:2.3:a:openoffice:openoffice.org:2.4:::::::* cpe:2.3:a:openoffice:openoffice.org:2.3:::::::* cpe:2.3:a:openoffice:openoffice.org:2.2:::::::* cpe:2.3:a:openoffice:openoffice.org:2.1:::::::* cpe:2.3:a:openoffice:openoffice.org:2.0:::::::*	5

OpenVAS Exploits

Date	Description
2009-04-09	Name : Mandriva Update for openoffice.org MDVSA-2008:138 (openoffice.org) File : nvt/gb_mandriva_MDVSA_2008_138.nasl
2009-04-09	Name : Mandriva Update for openoffice.org MDVSA-2008:137 (openoffice.org) File : nvt/gb_mandriva_MDVSA_2008_137.nasl
2009-03-06	Name : RedHat Update for openoffice.org RHSA-2008:0537-01 File : nvt/gb_RHSA-2008_0537-01_openoffice.org.nasl
2009-03-06	Name : RedHat Update for openoffice.org RHSA-2008:0538-01 File : nvt/gb_RHSA-2008_0538-01_openoffice.org.nasl
2009-02-27	Name : CentOS Update for openoffice.org2-base CESA-2008:0537 centos4 x86_64 File : nvt/gb_CESA-2008_0537_openoffice.org2-base_centos4_x86_64.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos3 i386 File : nvt/gb_CESA-2008_0538_openoffice.org_centos3_i386.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos3 x86_64 File : nvt/gb_CESA-2008_0538_openoffice.org_centos3_x86_64.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos4 i386 File : nvt/gb_CESA-2008_0538_openoffice.org_centos4_i386.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos4 x86_64 File : nvt/gb_CESA-2008_0538_openoffice.org_centos4_x86_64.nasl
2009-02-27	Name : CentOS Update for openoffice.org2-base CESA-2008:0537 centos4 i386 File : nvt/gb_CESA-2008_0537_openoffice.org2-base_centos4_i386.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5247 File : nvt/gb_fedora_2008_5247_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-9333 File : nvt/gb_fedora_2008_9333_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-7531 File : nvt/gb_fedora_2008_7531_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5239 File : nvt/gb_fedora_2008_5239_openoffice.org_fc7.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5143 File : nvt/gb_fedora_2008_5143_openoffice.org_fc9.nasl
2008-10-01	Name : OpenOffice rtl_allocateMemory Heap Based BOF Vulnerability (Linux) File : nvt/gb_openoffice_rtl_allocatememory_bof_vuln_lin.nasl
2008-10-01	Name : OpenOffice rtl_allocateMemory Heap Based BOF Vulnerability File : nvt/gb_openoffice_rtl_allocatememory_bof_vuln_win.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200807-05 (openoffice openoffice-bin) File : nvt/glsa_200807_05.nasl
2008-09-09	Name : OpenOffice.org <= 2.4.1 vulnerability (Lin) File : nvt/openoffice_CB-A08-0068.nasl
2008-09-09	Name : OpenOffice.org <= 2.4.1 vulnerability (Win) File : nvt/smbcl_openoffice_CB-A08-0068.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
46052	OpenOffice.org (OOo) rtl_allocateMemory() Function Crafted Document Handling ...

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0538.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080612_openoffice_org2_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080612_openoffice_org_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080612_openoffice_org_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-137.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-138.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-05.nasl - Type : ACT_GATHER_INFO
2008-07-02	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0537.nasl - Type : ACT_GATHER_INFO
2008-06-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0538.nasl - Type : ACT_GATHER_INFO
2008-06-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0537.nasl - Type : ACT_GATHER_INFO
2008-06-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0538.nasl - Type : ACT_GATHER_INFO
2008-06-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-5143.nasl - Type : ACT_GATHER_INFO
2008-06-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-5239.nasl - Type : ACT_GATHER_INFO
2008-06-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-5247.nasl - Type : ACT_GATHER_INFO
2008-06-10	Name : The remote Windows host has a program affected by an integer overflow vulnera... File : openoffice_241.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:35:57	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	2
CPE ID(s)	5
osvdb(s)	1
Openvas Exploit(s)	20
Nessus® Exploit(s)	15

	Related
9.3	CVE-2008-2152
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)