SUSE-SA:2005:025: OpenOffice_org

Medium Nessus Plugin ID 18096


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2005:025 (OpenOffice_org).

This security update fixes a buffer overflow in OpenOffice_org Microsoft Word document reader which could allow a remote attacker sending a handcrafted .doc file to execute code as the user opening the document in OpenOffice.

This is tracked by the Mitre CVE ID CVE-2005-0941.

WARNING: The updated packages are very large for distributions before SUSE Linux 9.2 and 9.3.

The minimum download sizes for those are:
SUSE Linux Desktop 1: 47 MB Novell Linux Desktop 9: 41 MB SUSE Linux 8.2: 37 MB SUSE Linux 9.0: 46 MB SUSE Linux 9.1: 50 MB SUSE Linux 9.2: 2.1 MB (using delta rpm) SUSE Linux 9.3: 3.5 MB (using delta rpm)


Plugin Details

Severity: Medium

ID: 18096

File Name: suse_SA_2005_025.nasl

Version: $Revision: 1.7 $

Agent: unix

Published: 2005/04/19

Modified: 2016/12/27

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Reference Information

CVE: CVE-2005-0941