Mandriva Linux Security Advisory : openoffice.org (MDVSA-2009:006)

high Nessus Plugin ID 36505

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Heap-based overflow on functions to manipulate WMF and EMF files in OpenOffice.org documments enables remote attackers to execute arbitrary code on documments holding certain crafted either WMF or EMF files (CVE-2008-2237) (CVE-2008-2238).

This update provide the fix for these security issues and further openoffice.org-voikko package has been updated as it depends on openoffice.org packages.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 36505

File Name: mandriva_MDVSA-2009-006.nasl

Version: 1.13

Type: local

Family: Mandriva Local Security Checks

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:openoffice.org, p-cpe:/a:mandriva:linux:openoffice.org-base, p-cpe:/a:mandriva:linux:openoffice.org-calc, p-cpe:/a:mandriva:linux:openoffice.org-common, p-cpe:/a:mandriva:linux:openoffice.org-core, p-cpe:/a:mandriva:linux:openoffice.org-devel, p-cpe:/a:mandriva:linux:openoffice.org-devel-doc, p-cpe:/a:mandriva:linux:openoffice.org-draw, p-cpe:/a:mandriva:linux:openoffice.org-dtd-officedocument1.0, p-cpe:/a:mandriva:linux:openoffice.org-filter-binfilter, p-cpe:/a:mandriva:linux:openoffice.org-galleries, p-cpe:/a:mandriva:linux:openoffice.org-gnome, p-cpe:/a:mandriva:linux:openoffice.org-help-af, p-cpe:/a:mandriva:linux:openoffice.org-help-ar, p-cpe:/a:mandriva:linux:openoffice.org-help-bg, p-cpe:/a:mandriva:linux:openoffice.org-help-br, p-cpe:/a:mandriva:linux:openoffice.org-help-bs, p-cpe:/a:mandriva:linux:openoffice.org-help-ca, p-cpe:/a:mandriva:linux:openoffice.org-help-cs, p-cpe:/a:mandriva:linux:openoffice.org-help-cy, p-cpe:/a:mandriva:linux:openoffice.org-help-da, p-cpe:/a:mandriva:linux:openoffice.org-help-de, p-cpe:/a:mandriva:linux:openoffice.org-help-el, p-cpe:/a:mandriva:linux:openoffice.org-help-en_gb, p-cpe:/a:mandriva:linux:openoffice.org-help-es, p-cpe:/a:mandriva:linux:openoffice.org-help-et, p-cpe:/a:mandriva:linux:openoffice.org-help-eu, p-cpe:/a:mandriva:linux:openoffice.org-help-fi, p-cpe:/a:mandriva:linux:openoffice.org-help-fr, p-cpe:/a:mandriva:linux:openoffice.org-help-he, p-cpe:/a:mandriva:linux:openoffice.org-help-hi, p-cpe:/a:mandriva:linux:openoffice.org-help-hu, p-cpe:/a:mandriva:linux:openoffice.org-help-it, p-cpe:/a:mandriva:linux:openoffice.org-help-ja, p-cpe:/a:mandriva:linux:openoffice.org-help-ko, p-cpe:/a:mandriva:linux:openoffice.org-help-mk, p-cpe:/a:mandriva:linux:openoffice.org-help-nb, p-cpe:/a:mandriva:linux:openoffice.org-help-nl, p-cpe:/a:mandriva:linux:openoffice.org-help-nn, p-cpe:/a:mandriva:linux:openoffice.org-help-pl, p-cpe:/a:mandriva:linux:openoffice.org-help-pt, p-cpe:/a:mandriva:linux:openoffice.org-help-pt_br, p-cpe:/a:mandriva:linux:openoffice.org-help-ru, p-cpe:/a:mandriva:linux:openoffice.org-help-sk, p-cpe:/a:mandriva:linux:openoffice.org-help-sl, p-cpe:/a:mandriva:linux:openoffice.org-help-sv, p-cpe:/a:mandriva:linux:openoffice.org-help-ta, p-cpe:/a:mandriva:linux:openoffice.org-help-tr, p-cpe:/a:mandriva:linux:openoffice.org-help-zh_cn, p-cpe:/a:mandriva:linux:openoffice.org-help-zh_tw, p-cpe:/a:mandriva:linux:openoffice.org-help-zu, p-cpe:/a:mandriva:linux:openoffice.org-impress, p-cpe:/a:mandriva:linux:openoffice.org-java-common, p-cpe:/a:mandriva:linux:openoffice.org-kde, p-cpe:/a:mandriva:linux:openoffice.org-l10n-af, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ar, p-cpe:/a:mandriva:linux:openoffice.org-l10n-bg, p-cpe:/a:mandriva:linux:openoffice.org-l10n-br, p-cpe:/a:mandriva:linux:openoffice.org-l10n-bs, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ca, p-cpe:/a:mandriva:linux:openoffice.org-l10n-cs, p-cpe:/a:mandriva:linux:openoffice.org-l10n-cy, p-cpe:/a:mandriva:linux:openoffice.org-l10n-da, p-cpe:/a:mandriva:linux:openoffice.org-l10n-de, p-cpe:/a:mandriva:linux:openoffice.org-l10n-el, p-cpe:/a:mandriva:linux:openoffice.org-l10n-en_gb, p-cpe:/a:mandriva:linux:openoffice.org-l10n-es, p-cpe:/a:mandriva:linux:openoffice.org-l10n-et, p-cpe:/a:mandriva:linux:openoffice.org-l10n-eu, p-cpe:/a:mandriva:linux:openoffice.org-l10n-fi, p-cpe:/a:mandriva:linux:openoffice.org-l10n-fr, p-cpe:/a:mandriva:linux:openoffice.org-l10n-he, p-cpe:/a:mandriva:linux:openoffice.org-l10n-hi, p-cpe:/a:mandriva:linux:openoffice.org-l10n-hu, p-cpe:/a:mandriva:linux:openoffice.org-l10n-it, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ja, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ko, p-cpe:/a:mandriva:linux:openoffice.org-l10n-mk, p-cpe:/a:mandriva:linux:openoffice.org-l10n-nb, p-cpe:/a:mandriva:linux:openoffice.org-l10n-nl, p-cpe:/a:mandriva:linux:openoffice.org-l10n-nn, p-cpe:/a:mandriva:linux:openoffice.org-l10n-pl, p-cpe:/a:mandriva:linux:openoffice.org-l10n-pt, p-cpe:/a:mandriva:linux:openoffice.org-l10n-pt_br, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ru, p-cpe:/a:mandriva:linux:openoffice.org-l10n-sk, p-cpe:/a:mandriva:linux:openoffice.org-l10n-sl, p-cpe:/a:mandriva:linux:openoffice.org-l10n-sv, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ta, p-cpe:/a:mandriva:linux:openoffice.org-l10n-tr, p-cpe:/a:mandriva:linux:openoffice.org-l10n-zh_cn, p-cpe:/a:mandriva:linux:openoffice.org-l10n-zh_tw, p-cpe:/a:mandriva:linux:openoffice.org-l10n-zu, p-cpe:/a:mandriva:linux:openoffice.org-math, p-cpe:/a:mandriva:linux:openoffice.org-mono, p-cpe:/a:mandriva:linux:openoffice.org-ooqstart, p-cpe:/a:mandriva:linux:openoffice.org-openclipart, p-cpe:/a:mandriva:linux:openoffice.org-pyuno, p-cpe:/a:mandriva:linux:openoffice.org-style-andromeda, p-cpe:/a:mandriva:linux:openoffice.org-style-crystal, p-cpe:/a:mandriva:linux:openoffice.org-style-hicontrast, p-cpe:/a:mandriva:linux:openoffice.org-style-industrial, p-cpe:/a:mandriva:linux:openoffice.org-style-tango, p-cpe:/a:mandriva:linux:openoffice.org-testtool, p-cpe:/a:mandriva:linux:openoffice.org-writer, p-cpe:/a:mandriva:linux:openoffice.org64, p-cpe:/a:mandriva:linux:openoffice.org64-base, p-cpe:/a:mandriva:linux:openoffice.org64-calc, p-cpe:/a:mandriva:linux:openoffice.org64-common, p-cpe:/a:mandriva:linux:openoffice.org64-core, p-cpe:/a:mandriva:linux:openoffice.org64-devel, p-cpe:/a:mandriva:linux:openoffice.org64-devel-doc, p-cpe:/a:mandriva:linux:openoffice.org64-draw, p-cpe:/a:mandriva:linux:openoffice.org64-dtd-officedocument1.0, p-cpe:/a:mandriva:linux:openoffice.org64-filter-binfilter, p-cpe:/a:mandriva:linux:openoffice.org64-galleries, p-cpe:/a:mandriva:linux:openoffice.org64-gnome, p-cpe:/a:mandriva:linux:openoffice.org64-help-af, p-cpe:/a:mandriva:linux:openoffice.org64-help-ar, p-cpe:/a:mandriva:linux:openoffice.org64-help-bg, p-cpe:/a:mandriva:linux:openoffice.org64-help-br, p-cpe:/a:mandriva:linux:openoffice.org64-help-bs, p-cpe:/a:mandriva:linux:openoffice.org64-help-ca, p-cpe:/a:mandriva:linux:openoffice.org64-help-cs, p-cpe:/a:mandriva:linux:openoffice.org64-help-cy, p-cpe:/a:mandriva:linux:openoffice.org64-help-da, p-cpe:/a:mandriva:linux:openoffice.org64-help-nb, p-cpe:/a:mandriva:linux:openoffice.org64-help-nl, p-cpe:/a:mandriva:linux:openoffice.org64-help-nn, p-cpe:/a:mandriva:linux:openoffice.org64-help-pl, p-cpe:/a:mandriva:linux:openoffice.org64-help-pt, p-cpe:/a:mandriva:linux:openoffice.org64-help-pt_br, p-cpe:/a:mandriva:linux:openoffice.org64-help-ru, p-cpe:/a:mandriva:linux:openoffice.org64-help-sk, p-cpe:/a:mandriva:linux:openoffice.org64-help-sl, p-cpe:/a:mandriva:linux:openoffice.org64-help-sv, p-cpe:/a:mandriva:linux:openoffice.org64-help-ta, p-cpe:/a:mandriva:linux:openoffice.org64-help-tr, p-cpe:/a:mandriva:linux:openoffice.org64-help-zh_cn, p-cpe:/a:mandriva:linux:openoffice.org64-help-zh_tw, p-cpe:/a:mandriva:linux:openoffice.org64-help-zu, p-cpe:/a:mandriva:linux:openoffice.org64-impress, p-cpe:/a:mandriva:linux:openoffice.org64-java-common, p-cpe:/a:mandriva:linux:openoffice.org64-kde, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-af, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ar, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-bg, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-br, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-bs, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ca, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-cs, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-cy, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-da, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-de, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-el, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-en_gb, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-es, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-et, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-eu, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-fi, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-fr, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-he, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-hi, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-hu, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-it, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ja, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ko, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-mk, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-nb, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-nl, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-nn, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-pl, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-pt, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-pt_br, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ru, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-sk, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-sl, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-sv, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ta, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-tr, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-zh_cn, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-zh_tw, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-zu, p-cpe:/a:mandriva:linux:openoffice.org64-math, p-cpe:/a:mandriva:linux:openoffice.org64-mono, p-cpe:/a:mandriva:linux:openoffice.org64-ooqstart, p-cpe:/a:mandriva:linux:openoffice.org64-openclipart, p-cpe:/a:mandriva:linux:openoffice.org64-pyuno, p-cpe:/a:mandriva:linux:openoffice.org64-style-andromeda, p-cpe:/a:mandriva:linux:openoffice.org64-style-crystal, p-cpe:/a:mandriva:linux:openoffice.org64-style-hicontrast, p-cpe:/a:mandriva:linux:openoffice.org64-style-industrial, p-cpe:/a:mandriva:linux:openoffice.org64-style-tango, p-cpe:/a:mandriva:linux:openoffice.org64-testtool, p-cpe:/a:mandriva:linux:openoffice.org64-writer, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2008.1, p-cpe:/a:mandriva:linux:openoffice.org64-help-de, p-cpe:/a:mandriva:linux:openoffice.org64-help-el, p-cpe:/a:mandriva:linux:openoffice.org64-help-en_gb, p-cpe:/a:mandriva:linux:openoffice.org64-help-es, p-cpe:/a:mandriva:linux:openoffice.org64-help-et, p-cpe:/a:mandriva:linux:openoffice.org64-help-eu, p-cpe:/a:mandriva:linux:openoffice.org64-help-fi, p-cpe:/a:mandriva:linux:openoffice.org64-help-fr, p-cpe:/a:mandriva:linux:openoffice.org64-help-he, p-cpe:/a:mandriva:linux:openoffice.org64-help-hi, p-cpe:/a:mandriva:linux:openoffice.org64-help-hu, p-cpe:/a:mandriva:linux:openoffice.org64-help-it, p-cpe:/a:mandriva:linux:openoffice.org64-help-ja, p-cpe:/a:mandriva:linux:openoffice.org64-help-ko, p-cpe:/a:mandriva:linux:openoffice.org64-help-mk

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 1/13/2009

Reference Information

CVE: CVE-2008-2237, CVE-2008-2238

CWE: 119

MDVSA: 2009:006

Detections

Analytics