This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability in HSQLDB before 184.108.40.206 in OpenOffice.org could allow
user-assisted remote attackers to execute arbitrary Java code via
crafted database documents (CVE-2007-4575).
A heap overflow was discovered in OpenOffice.org's EMF parser. An
attacker could create a carefully crafted EMF file that could cause
OpenOffice.org to crash or potentially execute arbitrary code if the
malicious EMF image was added to a document or if a document
containing such an EMF file was opened (CVE-2007-5746).
Multiple heap overflows and an integer underflow were discovered in
the Quattro Pro(R) import filter. An attacker could create a carefully
crafted Quattro Pro file that could cause OpenOffice.org ro crash or
potentially execute arbitrary code (CVE-2007-5745, CVE-2007-5747).
A heap overflow was discovered in the OLE Structured Storage file
parser, a format used by Microsoft Office documents. An attacker could
create a carefully crafted OLE file that could cause OpenOffice.org to
crash or potentially execute arbitrary code (CVE-2008-0320).
The updated packages have been patched to correct these issues.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
Public Exploit Available : true
Family: Mandriva Local Security Checks
Nessus Plugin ID: 37969 (mandriva_MDVSA-2008-095.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now