9.3 - SUN-237944

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Sun Alert 237944 A Security Vulnerability in StarOffice/StarSuite 8 may allow file manipulation and Arbitrary Code execution

Informations
Name	SUN-237944	First vendor Publication	2008-06-11
Vendor	Sun	Last vendor Modification	2010-01-20
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: StarOffice 8 Software, StarSuite 8 Software

A security vulnerability in the custom memory allocation function ofStarOffice/StarSuite 8 may lead to heap overflows and filemanipulation. This could allow a remote unprivileged user who providesa StarOffice/StarSuite document that is opened by a local user toexecute arbitrary commands with the privileges of that user.

Sun acknowledges with thanks, an anonymous researcher working with theiDefense Vulnerability Contributor Program (VCP) (http://labs.idefense.com/vcp/).

This issue is also described in the following document:

CVE-2008-2152 at http://www.security-database.com/detail.php?cve=CVE-2008-2152

State: Resolved

First released: 11-Jun-2008

Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-66-237944-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_237944_a_security

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22724

Oval ID:	oval:org.mitre.oval:def:22724
Title:	ELSA-2008:0537: openoffice.org security update (Important)
Description:	Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0537-01 CVE-2008-2152	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	openoffice.org openoffice.org2
Definition Synopsis:
Oracle Linux 5.x rpm test openoffice.org is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-xh_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tn_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-af_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ss_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tr_TR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-te_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-calc is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ml_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nl is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nn_NO is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ta_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-testtools is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nb_NO is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-headless is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-base is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-it is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-el_GR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-da_DK is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ca_ES is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-es is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cs_CZ is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-draw is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ar is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sl_SI is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nr_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-kn_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-as_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ts_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ja_JP is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_PT is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sk_SK is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-st_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_TW is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ru is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-xsltfilter is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cy_GB is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pa_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fi_FI is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bn is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ms_MY is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-he_IL is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-graphicfilter is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bg_BG is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-pyuno is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-writer is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_BR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hr_HR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pl_PL is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hi_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fr is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gu_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zu_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-math is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ur is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-core is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-impress is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-mr_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gl_ES is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-et_EE is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ko_KR is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hu_HU is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nso_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sr_CS is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk-doc is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-or_IN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-eu_ES is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ve_ZA is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-emailmerge is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-javafilter is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-lt_LT is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-de is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ga_IE is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_CN is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sv is earlier than 1:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-th_TH is earlier than 1:2.3.0-6.5.1.el5_2

Definition Id: oval:org.mitre.oval:def:9787

Oval ID:	oval:org.mitre.oval:def:9787
Title:	Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Description:	Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-2152	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section openoffice.org-libs is earlier than 0:1.1.2-42.2.0.EL3 AND openoffice.org is earlier than 0:1.1.2-42.2.0.EL3 AND openoffice.org-i18n is earlier than 0:1.1.2-42.2.0.EL3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section openoffice.org2-langpack-lt_LT is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-nn_NO is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ga_IE is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-zh_CN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-javafilter is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-he_IL is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-draw is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ko_KR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ca_ES is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-base is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-fr is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org-libs is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org2-langpack-pa_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-da_DK is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-emailmerge is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-pt_PT is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-es is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sv is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ms_MY is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-cs_CZ is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-xsltfilter is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ja_JP is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-hu_HU is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-zh_TW is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sl_SI is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-de is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-pyuno is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2 is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-tr_TR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-impress is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-bn is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ar is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-pt_BR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-af_ZA is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-pl_PL is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-calc is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-zu_ZA is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-fi_FI is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sk_SK is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-hi_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-nb_NO is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-th_TH is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-et_EE is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-gl_ES is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-it is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-hr_HR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org-i18n is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org2-langpack-ta_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-gu_IN is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-testtools is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org-kde is earlier than 0:1.1.5-10.6.0.5.EL4 AND openoffice.org2-langpack-eu_ES is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-el_GR is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-core is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-ru is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-bg_BG is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-nl is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-sr_CS is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-langpack-cy_GB is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-math is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-graphicfilter is earlier than 0:2.0.4-5.7.0.5.0 AND openoffice.org2-writer is earlier than 0:2.0.4-5.7.0.5.0 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section openoffice.org-langpack-sk_SK is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zu_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pa_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hi_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-et_EE is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-kn_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_TW is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-writer is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ve_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ga_IE is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ta_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ko_KR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-or_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-da_DK is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sr_CS is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pl_PL is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fr is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ts_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-javafilter is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-as_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-testtools is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hr_HR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-de is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-emailmerge is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-xsltfilter is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tn_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-te_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sv is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-base is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ca_ES is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nr_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-core is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nl is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ur is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nn_NO is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ar is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ja_JP is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gu_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-tr_TR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-eu_ES is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-fi_FI is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-graphicfilter is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-pyuno is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ml_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-gl_ES is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk-doc is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-zh_CN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-xh_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-it is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-sdk is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-es is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nb_NO is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-sl_SI is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-draw is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-nso_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ms_MY is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-el_GR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-hu_HU is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ss_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bn is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-he_IL is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_PT is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-lt_LT is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-af_ZA is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-bg_BG is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-calc is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cs_CZ is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-cy_GB is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-mr_IN is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-headless is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-th_TH is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-pt_BR is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-ru is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-math is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-impress is earlier than 0:2.3.0-6.5.1.el5_2 AND openoffice.org-langpack-st_ZA is earlier than 0:2.3.0-6.5.1.el5_2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openoffice Openoffice.Org cpe:2.3:a:openoffice:openoffice.org:2.4:::::::* cpe:2.3:a:openoffice:openoffice.org:2.3:::::::* cpe:2.3:a:openoffice:openoffice.org:2.2:::::::* cpe:2.3:a:openoffice:openoffice.org:2.1:::::::* cpe:2.3:a:openoffice:openoffice.org:2.0:::::::*	5

OpenVAS Exploits

Date	Description
2009-04-09	Name : Mandriva Update for openoffice.org MDVSA-2008:138 (openoffice.org) File : nvt/gb_mandriva_MDVSA_2008_138.nasl
2009-04-09	Name : Mandriva Update for openoffice.org MDVSA-2008:137 (openoffice.org) File : nvt/gb_mandriva_MDVSA_2008_137.nasl
2009-03-06	Name : RedHat Update for openoffice.org RHSA-2008:0537-01 File : nvt/gb_RHSA-2008_0537-01_openoffice.org.nasl
2009-03-06	Name : RedHat Update for openoffice.org RHSA-2008:0538-01 File : nvt/gb_RHSA-2008_0538-01_openoffice.org.nasl
2009-02-27	Name : CentOS Update for openoffice.org2-base CESA-2008:0537 centos4 x86_64 File : nvt/gb_CESA-2008_0537_openoffice.org2-base_centos4_x86_64.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos3 i386 File : nvt/gb_CESA-2008_0538_openoffice.org_centos3_i386.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos3 x86_64 File : nvt/gb_CESA-2008_0538_openoffice.org_centos3_x86_64.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos4 i386 File : nvt/gb_CESA-2008_0538_openoffice.org_centos4_i386.nasl
2009-02-27	Name : CentOS Update for openoffice.org CESA-2008:0538 centos4 x86_64 File : nvt/gb_CESA-2008_0538_openoffice.org_centos4_x86_64.nasl
2009-02-27	Name : CentOS Update for openoffice.org2-base CESA-2008:0537 centos4 i386 File : nvt/gb_CESA-2008_0537_openoffice.org2-base_centos4_i386.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5247 File : nvt/gb_fedora_2008_5247_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-9333 File : nvt/gb_fedora_2008_9333_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-7531 File : nvt/gb_fedora_2008_7531_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5239 File : nvt/gb_fedora_2008_5239_openoffice.org_fc7.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5143 File : nvt/gb_fedora_2008_5143_openoffice.org_fc9.nasl
2008-10-01	Name : OpenOffice rtl_allocateMemory Heap Based BOF Vulnerability (Linux) File : nvt/gb_openoffice_rtl_allocatememory_bof_vuln_lin.nasl
2008-10-01	Name : OpenOffice rtl_allocateMemory Heap Based BOF Vulnerability File : nvt/gb_openoffice_rtl_allocatememory_bof_vuln_win.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200807-05 (openoffice openoffice-bin) File : nvt/glsa_200807_05.nasl
2008-09-09	Name : OpenOffice.org <= 2.4.1 vulnerability (Lin) File : nvt/openoffice_CB-A08-0068.nasl
2008-09-09	Name : OpenOffice.org <= 2.4.1 vulnerability (Win) File : nvt/smbcl_openoffice_CB-A08-0068.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
46052	OpenOffice.org (OOo) rtl_allocateMemory() Function Crafted Document Handling ...

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0538.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080612_openoffice_org2_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080612_openoffice_org_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080612_openoffice_org_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-137.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-138.nasl - Type : ACT_GATHER_INFO
2008-07-10	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-05.nasl - Type : ACT_GATHER_INFO
2008-07-02	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0537.nasl - Type : ACT_GATHER_INFO
2008-06-16	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0538.nasl - Type : ACT_GATHER_INFO
2008-06-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0537.nasl - Type : ACT_GATHER_INFO
2008-06-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0538.nasl - Type : ACT_GATHER_INFO
2008-06-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-5143.nasl - Type : ACT_GATHER_INFO
2008-06-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-5239.nasl - Type : ACT_GATHER_INFO
2008-06-12	Name : The remote Fedora host is missing a security update. File : fedora_2008-5247.nasl - Type : ACT_GATHER_INFO
2008-06-10	Name : The remote Windows host has a program affected by an integer overflow vulnera... File : openoffice_241.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	2
CPE ID(s)	5
osvdb(s)	1
Openvas Exploit(s)	20
Nessus® Exploit(s)	15

	Related
9.3	CVE-2008-2152
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)