OpenOffice XML External Entity RDF Document Handling Information Disclosure
High Nessus Plugin ID 58727
SynopsisThe remote host is running an application affected by a data leakage vulnerability.
DescriptionThe remote host is running a version of OpenOffice.org that has flaws in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of local files into an ODF document without a user's knowledge or permission, or inject arbitrary code that would be executed when opened by the user.
SolutionEither upgrade to 340m1(Build:9589) or apply the patch referenced in the vendor's advisory.