Ubuntu Security Notice (C) 2005-2013 Canonical, Inc. / NASL script (C) 2006-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
The StgCompObjStream::Load() failed to check the validity of a length
field in documents. If an attacker tricked a user to open a specially
crafted OpenOffice file, this triggered a buffer overflow which could
lead to arbitrary code execution with the privileges of the user
opening the document.
The update for Ubuntu 5.04 (Hoary Hedgehog) also contains a
translation update: The 'openoffice.org-l10n-xh' package now contains
actual Xhosa translations (the previous version just shipped English
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.1
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 20510 ()
CVE ID: CVE-2005-0941
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.