Fedora 11 : openoffice.org-3.1.1-19.12.fc11 (2010-1941)

High Nessus Plugin ID 47289

Synopsis

The remote Fedora host is missing a security update.

Description

- Fri Feb 12 2010 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.12

- CVE-2009-2950 GIF file parsing heap overflow (caolanm)

- CVE-2009-2949 integer overflow in XPM processing (caolanm)

- CVE-2009-3301 .doc Table Parsing vulernability (caolanm)

- CVE-2009-3302 .doc Table Parsing vulernability (caolanm)

- Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon)

- Resolves: rhbz#551983 OpenOffice writer crashes when opening document with link in footnote (dtardon)

- Resolves: rhbz#550316 Openoffice.org Impress loses graphics when background color is changed (dtardon)

- Resolves: rhbz#553929 [abrt] crash in ColorConfigCtrl_Impl::ScrollHdl (dtardon)

- Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK colorspace (dtardon)

- Resolves: rhbz#558342 [abrt] crash in SvxNumOptionsTabPage::InitControls (dtardon)

- Tue Dec 15 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.11

- Resolves: rhbz#529648 add workspace.fwk132.patch

- Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.10

- Resolves: rhbz#545783 add workspace.vcl105.patch (caolanm)

- Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.9

- add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon)

- Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the Spanish localized version of OOo (caolanm)

- Tue Nov 10 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.8

- Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm)

- Thu Nov 5 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.7

- Resolves: ooo#106523 fix pdf/A export on x86_64 (caolanm)

- Thu Nov 5 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.6

- Resolves: rhbz#533146 calc notes go missing on save

- Wed Oct 28 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.5

- Resolves: rhbz#531554 add workspace.chart41.patch

- Wed Oct 21 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.4

- Resolves: rhbz#522839 crash on exit after loading .doc

- Resolves: rhbz#529746 crash on exit after loading .ppt

- Mon Sep 7 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.3

- Resolves: rhbz#521460 - wrong UI label for A3/A5 page sizes in translations

- Wed Sep 2 2009 Caolan McNamara <caolanm at redhat.com>
- 1:3.1.1-19.2

- Resolves: rhbz#520772 copy/paste cockup

- Fri Aug 28 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.1

- update to 3.1.1

- Resolves: rhbz#512355 add openoffice.org-3.1.0.ooo103651.canvas.nosubpixel.patc

- add workspace.os132.patch to avoid switch html view overwrite horror

- Resolves: rhbz#517843 add openoffice.org-3.1.1.ooo104306.moverecentlyused.patch

- Resolves: rhbz#514683 add openoffice.org-3.1.1.ooo104329.dbaccess.primarykeys.pa tch

- Resolves: rbhz#501141 Images and Frames disappear in sequential printing

- backport workspace.vcl102.patch to fix xdg support

- add workspace.cmcfixes62.patch for 64bit odbc goodness and rebuild against now 64bit-safe unixODBC headers

- Thu Jul 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.0-11.5

[plus 13 lines in the Changelog]

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected openoffice.org package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=527512

https://bugzilla.redhat.com/show_bug.cgi?id=527540

https://bugzilla.redhat.com/show_bug.cgi?id=533038

https://bugzilla.redhat.com/show_bug.cgi?id=533043

http://www.nessus.org/u?033e2351

Plugin Details

Severity: High

ID: 47289

File Name: fedora_2010-1941.nasl

Version: 1.18

Type: local

Agent: unix

Published: 2010/07/01

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:openoffice.org, cpe:/o:fedoraproject:fedora:11

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/02/16

Vulnerability Publication Date: 2010/02/16

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302

BID: 38218

FEDORA: 2010-1941

CWE: 94, 119, 189