Detections
Analytics

Fedora 12 : openoffice.org-3.1.1-19.26.fc12 (2010-1847)

high Nessus Plugin ID 47276

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

- Fri Feb 12 2010 Caolan McNamara <caolanm at redhat.com>
 - 1:3.1.1-19.26

 - CVE-2009-2950 GIF file parsing heap overflow (caolanm)

 - CVE-2009-2949 integer overflow in XPM processing (caolanm)

 - CVE-2009-3301 .doc Table Parsing vulernability (caolanm)

 - CVE-2009-3302 .doc Table Parsing vulernability (caolanm)

 - Resolves: rhbz#561778 openoffice.org-3.2.0.oooXXXXX.svx.safestyledelete.patc h

 - Resolves: rhbz#561989 openoffice.org-3.2.0.ooo109009.sc.tooltipcrash.patch

 - Resolves: rhbz#445588 improve same name substitution

 - Tue Feb 2 2010 Caolan McNamara <caolanm at redhat.com>
 - 1:3.1.1-19.25

 - Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon)

 - Resolves: rhbz#551983 OpenOffice writer crashes when opening document with link in footnote (dtardon)

 - Resolves: rhbz#550316 Openoffice.org Impress loses graphics when background color is changed (dtardon)

 - Resolves: rhbz#554259 No autocorrect files for Lithuanian (dtardon)

 - Resolves: rhbz#553929 [abrt] crash in ColorConfigCtrl_Impl::ScrollHdl (dtardon)

 - Resolves: rhbz#549573 improve document compare (caolanm)

 - Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK colorspace (dtardon)

 - Resolves: rhbz#558342 [abrt] crash in SvxNumOptionsTabPage::InitControls (dtardon)

 - Resolves: ooo#108637/rhbz#558253 sfx2 uisavedir (caolanm)

 - Resolves: rhbz#560435 rtf dropcap crash (caolanm)

 - Resolves: rhbz#560996/rhbz#560353 qstartfixes (caolanm)

 - Tue Dec 22 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.24

 - Resolves: rhbz#545824 bustage in writer with emboldened fonts

 - Fri Dec 18 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.23

 - Resolves: rhbz#548512 workspace.ooo32gsl03.patch

 - Tue Dec 15 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.22

 - Resolves: rhbz#529648 add workspace.fwk132.patch

 - Resolves: rhbz#547176 add openoffice.org-3.2.0.ooo47279.sd.objectsave.safe.patch

 - Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.21

 - Resolves: rhbz#544124 add openoffice.org-3.2.0.ooo106502.svx.fixspelltimer.patch

 - Resolves: rhbz#544218 add openoffice.org-3.2.0.ooo107552.vcl.sft.patch

 - Resolves: rhbz#545783 add workspace.vcl105.patch

 - Fri Nov 27 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.20

 - Resolves: rhbz#541222 add openoffice.org-3.2.0.ooo107260.dtrans.clipboard.shutdo wn.patch (caolanm)

 - Mon Nov 23 2009 Caolan McNamara <caolanm at redhat.com>
 - 1:3.1.1-19.19

 - Resolves: rhbz#540379/ooo#107131 impress tabledrag crash

 - Resolves: rhbz#540231 add openoffice.org-3.2.0.oooXXXXX.canvas.fixcolorspace.pat ch

 - add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon)

 - Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the Spanish localized version of OOo (caolanm)

 - Tue Nov 17 2009 Caolan McNamara <caolanm at redhat.com>
 - 1:3.1.1-19.18

 - Resolves: ooo#59648 sw .doc export scaling (caolanm)

 - Tue Nov 10 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.17

 - Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm)

[plus 8 lines in the Changelog]

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected openoffice.org package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=527512

https://bugzilla.redhat.com/show_bug.cgi?id=527540

https://bugzilla.redhat.com/show_bug.cgi?id=533038

https://bugzilla.redhat.com/show_bug.cgi?id=533043

http://www.nessus.org/u?7a24e1b6

Plugin Details

Severity: High

ID: 47276

File Name: fedora_2010-1847.nasl

Version: 1.19

Type: local

Agent: unix

Published: 7/1/2010

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:openoffice.org, cpe:/o:fedoraproject:fedora:12

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/16/2010

Vulnerability Publication Date: 2/16/2010

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302

BID: 38218

CWE: 119, 189, 94

FEDORA: 2010-1847