Fedora 12 : openoffice.org-3.1.1-19.26.fc12 (2010-1847)

High Nessus Plugin ID 47276


The remote Fedora host is missing a security update.


- Fri Feb 12 2010 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.26

- CVE-2009-2950 GIF file parsing heap overflow (caolanm)

- CVE-2009-2949 integer overflow in XPM processing (caolanm)

- CVE-2009-3301 .doc Table Parsing vulernability (caolanm)

- CVE-2009-3302 .doc Table Parsing vulernability (caolanm)

- Resolves: rhbz#561778 openoffice.org-3.2.0.oooXXXXX.svx.safestyledelete.patc h

- Resolves: rhbz#561989 openoffice.org-3.2.0.ooo109009.sc.tooltipcrash.patch

- Resolves: rhbz#445588 improve same name substitution

- Tue Feb 2 2010 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.25

- Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon)

- Resolves: rhbz#551983 OpenOffice writer crashes when opening document with link in footnote (dtardon)

- Resolves: rhbz#550316 Openoffice.org Impress loses graphics when background color is changed (dtardon)

- Resolves: rhbz#554259 No autocorrect files for Lithuanian (dtardon)

- Resolves: rhbz#553929 [abrt] crash in ColorConfigCtrl_Impl::ScrollHdl (dtardon)

- Resolves: rhbz#549573 improve document compare (caolanm)

- Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK colorspace (dtardon)

- Resolves: rhbz#558342 [abrt] crash in SvxNumOptionsTabPage::InitControls (dtardon)

- Resolves: ooo#108637/rhbz#558253 sfx2 uisavedir (caolanm)

- Resolves: rhbz#560435 rtf dropcap crash (caolanm)

- Resolves: rhbz#560996/rhbz#560353 qstartfixes (caolanm)

- Tue Dec 22 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.24

- Resolves: rhbz#545824 bustage in writer with emboldened fonts

- Fri Dec 18 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.23

- Resolves: rhbz#548512 workspace.ooo32gsl03.patch

- Tue Dec 15 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.22

- Resolves: rhbz#529648 add workspace.fwk132.patch

- Resolves: rhbz#547176 add openoffice.org-3.2.0.ooo47279.sd.objectsave.safe.patch

- Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.21

- Resolves: rhbz#544124 add openoffice.org-3.2.0.ooo106502.svx.fixspelltimer.patch

- Resolves: rhbz#544218 add openoffice.org-3.2.0.ooo107552.vcl.sft.patch

- Resolves: rhbz#545783 add workspace.vcl105.patch

- Fri Nov 27 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.20

- Resolves: rhbz#541222 add openoffice.org-3.2.0.ooo107260.dtrans.clipboard.shutdo wn.patch (caolanm)

- Mon Nov 23 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.19

- Resolves: rhbz#540379/ooo#107131 impress tabledrag crash

- Resolves: rhbz#540231 add openoffice.org-3.2.0.oooXXXXX.canvas.fixcolorspace.pat ch

- add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon)

- Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the Spanish localized version of OOo (caolanm)

- Tue Nov 17 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.18

- Resolves: ooo#59648 sw .doc export scaling (caolanm)

- Tue Nov 10 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.17

- Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm)

[plus 8 lines in the Changelog]

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected openoffice.org package.

See Also






Plugin Details

Severity: High

ID: 47276

File Name: fedora_2010-1847.nasl

Version: $Revision: 1.15 $

Type: local

Agent: unix

Published: 2010/07/01

Modified: 2016/12/08

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:openoffice.org, cpe:/o:fedoraproject:fedora:12

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/02/16

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302

BID: 38218

FEDORA: 2010-1847

CWE: 94, 119, 189