Sun OpenOffice.org < 2.3.1 Database HSQLDB Database Document Handling Arbitrary Java Code Execution
High Nessus Plugin ID 29218
SynopsisThe remote Windows host has a program that allows execution of arbitrary code.
DescriptionThe remote host is running a version of Sun Microsystems OpenOffice.org that contains an arbitrary code execution vulnerability in its HSQLDB database engine. If a remote attacker can trick a user into opening a specially crafted database, this issue can be leveraged to execute arbitrary static Java code on the remote host subject to the user's privileges.
SolutionUpgrade to Sun Microsystems OpenOffice.org version 2.3.1 or later.