Test Kennung:	1.3.6.1.4.1.25623.1.0.831613
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Update for libreoffice MDVSA-2012:091 (libreoffice)
Zusammenfassung:	The remote host is missing an update for the 'libreoffice'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libreoffice' package(s) announced via the referenced advisory. Vulnerability Insight: Security issues were identified and fixed in libreoffice: An integer overflow vulnerability in the libreoffice graphic loading code could allow a remote attacker to cause a denial of service (application crash) or potentially execute arbitrary code (CVE-2012-1149). An integer overflow flaw, leading to buffer overflow, was found in the way libreoffice processed invalid Escher graphics records length in PowerPoint documents. An attacker could provide a specially-crafted PowerPoint document that, when opened, would cause libreoffice to crash or, potentially, execute arbitrary code with the privileges of the user running libreoffice (CVE-2012-2334). libreoffice for Mandriva Linux 2011 has been upgraded to the 3.5.4 version which is not vulnerable to these issues. Affected Software/OS: libreoffice on Mandriva Linux 2011.0 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1149 1027068 http://securitytracker.com/id?1027068 20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html 46992 http://secunia.com/advisories/46992 47244 http://secunia.com/advisories/47244 49140 http://secunia.com/advisories/49140 49373 http://secunia.com/advisories/49373 49392 http://secunia.com/advisories/49392 50692 http://secunia.com/advisories/50692 53570 http://www.securityfocus.com/bid/53570 60799 http://secunia.com/advisories/60799 81988 http://www.osvdb.org/81988 DSA-2473 http://www.debian.org/security/2012/dsa-2473 DSA-2487 http://www.debian.org/security/2012/dsa-2487 FEDORA-2012-8042 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html FEDORA-2012-8114 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2012:090 http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 MDVSA-2012:091 http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 RHSA-2012:0705 http://rhn.redhat.com/errata/RHSA-2012-0705.html http://www.libreoffice.org/advisories/cve-2012-1149/ http://www.openoffice.org/security/cves/CVE-2012-1149.html openoffice-vclmi-bo(75692) https://exchange.xforce.ibmcloud.com/vulnerabilities/75692 Common Vulnerability Exposure (CVE) ID: CVE-2012-2334 1027070 http://securitytracker.com/id?1027070 20120516 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0 http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html 82517 http://www.osvdb.org/82517 [oss-security] 20120528 Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification http://www.openwall.com/lists/oss-security/2012/05/28/2 http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e http://www.libreoffice.org/advisories/cve-2012-2334/ http://www.openoffice.org/security/cves/CVE-2012-2334.html https://bugzilla.redhat.com/show_bug.cgi?id=821803 openoffice-powerpoint-dos(75695) https://exchange.xforce.ibmcloud.com/vulnerabilities/75695
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.