Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)

high Nessus Plugin ID 37969

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents (CVE-2007-4575).

A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened (CVE-2007-5746).

Multiple heap overflows and an integer underflow were discovered in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org ro crash or potentially execute arbitrary code (CVE-2007-5745, CVE-2007-5747).

A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code (CVE-2008-0320).

The updated packages have been patched to correct these issues.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 37969

File Name: mandriva_MDVSA-2008-095.nasl

Version: 1.20

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:openoffice.org-l10n-fi, p-cpe:/a:mandriva:linux:openoffice.org-l10n-fr, p-cpe:/a:mandriva:linux:openoffice.org-l10n-he, p-cpe:/a:mandriva:linux:openoffice.org-l10n-hi, p-cpe:/a:mandriva:linux:openoffice.org-l10n-hu, p-cpe:/a:mandriva:linux:openoffice.org-l10n-it, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ta, p-cpe:/a:mandriva:linux:openoffice.org-l10n-tr, p-cpe:/a:mandriva:linux:openoffice.org-l10n-zh_cn, p-cpe:/a:mandriva:linux:openoffice.org-l10n-zh_tw, p-cpe:/a:mandriva:linux:openoffice.org-l10n-zu, p-cpe:/a:mandriva:linux:openoffice.org-mono, p-cpe:/a:mandriva:linux:openoffice.org-ooqstart, p-cpe:/a:mandriva:linux:openoffice.org64-galleries, p-cpe:/a:mandriva:linux:openoffice.org64-gnome, p-cpe:/a:mandriva:linux:openoffice.org64-kde, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-af, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ar, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-bg, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-br, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-bs, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ca, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-cs, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-cy, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-da, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-de, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-el, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-en_gb, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-pl, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-pt, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-pt_br, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ru, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-sk, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-sl, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-sv, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ta, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-tr, p-cpe:/a:mandriva:linux:openoffice.org, p-cpe:/a:mandriva:linux:openoffice.org-devel, p-cpe:/a:mandriva:linux:openoffice.org-devel-doc, p-cpe:/a:mandriva:linux:openoffice.org-galleries, p-cpe:/a:mandriva:linux:openoffice.org-gnome, p-cpe:/a:mandriva:linux:openoffice.org-kde, p-cpe:/a:mandriva:linux:openoffice.org-l10n-af, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ar, p-cpe:/a:mandriva:linux:openoffice.org-l10n-bg, p-cpe:/a:mandriva:linux:openoffice.org-l10n-br, p-cpe:/a:mandriva:linux:openoffice.org-l10n-bs, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ca, p-cpe:/a:mandriva:linux:openoffice.org-l10n-cs, p-cpe:/a:mandriva:linux:openoffice.org-l10n-cy, p-cpe:/a:mandriva:linux:openoffice.org-l10n-da, p-cpe:/a:mandriva:linux:openoffice.org-l10n-de, p-cpe:/a:mandriva:linux:openoffice.org-l10n-el, p-cpe:/a:mandriva:linux:openoffice.org-l10n-en_gb, p-cpe:/a:mandriva:linux:openoffice.org-l10n-es, p-cpe:/a:mandriva:linux:openoffice.org-l10n-et, p-cpe:/a:mandriva:linux:openoffice.org-l10n-eu, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ja, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ko, p-cpe:/a:mandriva:linux:openoffice.org-l10n-mk, p-cpe:/a:mandriva:linux:openoffice.org-l10n-nb, p-cpe:/a:mandriva:linux:openoffice.org-l10n-nl, p-cpe:/a:mandriva:linux:openoffice.org-l10n-nn, p-cpe:/a:mandriva:linux:openoffice.org-l10n-pl, p-cpe:/a:mandriva:linux:openoffice.org-l10n-pt, p-cpe:/a:mandriva:linux:openoffice.org-l10n-pt_br, p-cpe:/a:mandriva:linux:openoffice.org-l10n-ru, p-cpe:/a:mandriva:linux:openoffice.org-l10n-sk, p-cpe:/a:mandriva:linux:openoffice.org-l10n-sl, p-cpe:/a:mandriva:linux:openoffice.org-l10n-sv, p-cpe:/a:mandriva:linux:openoffice.org64, p-cpe:/a:mandriva:linux:openoffice.org64-devel, p-cpe:/a:mandriva:linux:openoffice.org64-devel-doc, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-es, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-et, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-eu, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-fi, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-fr, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-he, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-hi, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-hu, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-it, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ja, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-ko, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-mk, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-nb, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-nl, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-nn, p-cpe:/a:mandriva:linux:openoffice.org64-ooqstart, cpe:/o:mandriva:linux:2008.0, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-zh_cn, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-zh_tw, p-cpe:/a:mandriva:linux:openoffice.org64-l10n-zu, p-cpe:/a:mandriva:linux:openoffice.org64-mono

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/2/2008

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow)

Reference Information

CVE: CVE-2007-4575, CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320

CWE: 119, 189, 94

MDVSA: 2008:095