Test Kennung:	1.3.6.1.4.1.25623.1.0.831599
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Update for libreoffice MDVSA-2012:063 (libreoffice)
Zusammenfassung:	The remote host is missing an update for the 'libreoffice'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libreoffice' package(s) announced via the referenced advisory. Vulnerability Insight: An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0037). libreoffice for Mandriva Linux 2011 has been upgraded to the 3.4.6 version which is not vulnerable to this issue. Affected Software/OS: libreoffice on Mandriva Linux 2011.0 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0037 1026837 http://www.securitytracker.com/id?1026837 48479 http://secunia.com/advisories/48479 48493 http://secunia.com/advisories/48493 48494 http://secunia.com/advisories/48494 48526 http://secunia.com/advisories/48526 48529 http://secunia.com/advisories/48529 48542 http://secunia.com/advisories/48542 48649 http://secunia.com/advisories/48649 50692 http://secunia.com/advisories/50692 52681 http://www.securityfocus.com/bid/52681 60799 http://secunia.com/advisories/60799 80307 http://www.osvdb.org/80307 DSA-2438 http://www.debian.org/security/2012/dsa-2438 FEDORA-2012-4629 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html FEDORA-2012-4663 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2012:061 http://www.mandriva.com/security/advisories?name=MDVSA-2012:061 MDVSA-2012:062 http://www.mandriva.com/security/advisories?name=MDVSA-2012:062 MDVSA-2012:063 http://www.mandriva.com/security/advisories?name=MDVSA-2012:063 RHSA-2012:0410 http://rhn.redhat.com/errata/RHSA-2012-0410.html RHSA-2012:0411 http://rhn.redhat.com/errata/RHSA-2012-0411.html [openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E [oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) http://www.openwall.com/lists/oss-security/2012/03/27/4 http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/ http://librdf.org/raptor/RELEASE.html#rel2_0_7 http://vsecurity.com/resources/advisory/20120324-1/ http://www.libreoffice.org/advisories/CVE-2012-0037/ http://www.openoffice.org/security/cves/CVE-2012-0037.html https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0 openoffice-xml-info-disclosure(74235) https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.