Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenOffice < 3.2.1 Multiple Vulnerabilities

Medium

Synopsis

The remote host has a program that is affected by multiple vulnerabilities.

Description

The version of OpenOffice installed on the remote host is earlier than 3.2.1. Such version are affected by several issues :

- There is a TLS/SSL renegotiation vulnerability in the included third-party OpenSSL library. (CVE-2009-3555)

- There is a python scripting vulnerability which may lead to undesired code execution when using the OpenOffice scripting IDE. (CVE-2010-0395)

Solution

Upgrade to OpenOffice version 3.2.1 or later.