CVE-2006-2198

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.

References

http://fedoranews.org/cms/node/2343

http://secunia.com/advisories/20867

http://secunia.com/advisories/20893

http://secunia.com/advisories/20910

http://secunia.com/advisories/20911

http://secunia.com/advisories/20913

http://secunia.com/advisories/20975

http://secunia.com/advisories/20995

http://secunia.com/advisories/21278

http://secunia.com/advisories/22129

http://secunia.com/advisories/23620

http://security.gentoo.org/glsa/glsa-200607-12.xml

http://securitytracker.com/id?1016414

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1

http://www.debian.org/security/2006/dsa-1104

http://www.kb.cert.org/vuls/id/170113

http://www.mandriva.com/security/advisories?name=MDKSA-2006:118

http://www.novell.com/linux/security/advisories/2006_40_openoffice.html

http://www.openoffice.org/security/CVE-2006-2199.html

http://www.redhat.com/support/errata/RHSA-2006-0573.html

http://www.securityfocus.com/archive/1/447035/100/0/threaded

http://www.securityfocus.com/bid/18738

http://www.ubuntu.com/usn/usn-313-1

http://www.ubuntu.com/usn/usn-313-2

http://www.vupen.com/english/advisories/2006/2607

http://www.vupen.com/english/advisories/2006/2621

https://exchange.xforce.ibmcloud.com/vulnerabilities/27564

https://issues.rpath.com/browse/RPL-475

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082

Details

Source: MITRE

Published: 2006-06-30

Updated: 2018-10-18

Type: CWE-264

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
107858Solaris 10 (x86) : 120190-23NessusSolaris Local Security Checks
high
107857Solaris 10 (x86) : 120186-23NessusSolaris Local Security Checks
high
107356Solaris 10 (sparc) : 120189-23NessusSolaris Local Security Checks
high
107355Solaris 10 (sparc) : 120185-23NessusSolaris Local Security Checks
high
27889Ubuntu 5.10 : openoffice.org2-amd64, openoffice.org2 vulnerabilities (USN-313-2)NessusUbuntu Local Security Checks
high
27888Ubuntu 5.04 / 6.06 LTS : openoffice.org-amd64, openoffice.org vulnerabilities (USN-313-1)NessusUbuntu Local Security Checks
high
27134openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-1698)NessusSuSE Local Security Checks
high
24184Fedora Core 5 : openoffice.org-2.0.2-5.20.2 / Fedora Core 6 : openoffice.org-2.0.4-5.5.10 (2007-005)NessusFedora Local Security Checks
high
23617Solaris 5.9 (x86) : 120190-19NessusSolaris Local Security Checks
high
23616Solaris 5.9 (x86) : 120186-19NessusSolaris Local Security Checks
high
23558Solaris 5.9 (sparc) : 120189-19NessusSolaris Local Security Checks
high
23557Solaris 5.9 (sparc) : 120185-19NessusSolaris Local Security Checks
high
23468Solaris 5.8 (x86) : 120190-19NessusSolaris Local Security Checks
high
23467Solaris 5.8 (x86) : 120186-19NessusSolaris Local Security Checks
high
23420Solaris 5.8 (sparc) : 120189-19NessusSolaris Local Security Checks
high
23419Solaris 5.8 (sparc) : 120185-19NessusSolaris Local Security Checks
high
22994Solaris 5.10 (x86) : 120190-19NessusSolaris Local Security Checks
high
22993Solaris 5.10 (x86) : 120186-19NessusSolaris Local Security Checks
high
22961Solaris 5.10 (sparc) : 120189-19NessusSolaris Local Security Checks
high
22960Solaris 5.10 (sparc) : 120185-19NessusSolaris Local Security Checks
high
22646Debian DSA-1104-2 : openoffice.org - several vulnerabilitiesNessusDebian Local Security Checks
high
22120GLSA-200607-12 : OpenOffice.org: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
22014Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2006:118)NessusMandriva Local Security Checks
high
21916RHEL 3 / 4 : openoffice.org (RHSA-2006:0573)NessusRed Hat Local Security Checks
high
21906CentOS 3 / 4 : openoffice.org (CESA-2006:0573)NessusCentOS Local Security Checks
high
21784OpenOffice < 2.0.3 Multiple VulnerabilitiesNessusWindows
high