Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.57811
Categoría:Ubuntu Local Security Checks
Título:Ubuntu USN-406-1 (openoffice.org2/-amd64)
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing an update to openoffice.org2/-amd64
announced via advisory USN-406-1.

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

An integer overflow was discovered in OpenOffice.org's handling of WMF
files. If a user were tricked into opening a specially crafted WMF
file, an attacker could execute arbitrary code with user privileges.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
openoffice.org2-core 1.9.129-0.1ubuntu4.2

Ubuntu 6.06 LTS:
openoffice.org-core 2.0.2-2ubuntu12.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-406-1

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-5870
Bugtraq: 20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites) (Google Search)
http://www.securityfocus.com/archive/1/455943/100/0/threaded
Bugtraq: 20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites (Google Search)
http://www.securityfocus.com/archive/1/455964/100/0/threaded
Bugtraq: 20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites (Google Search)
http://www.securityfocus.com/archive/1/455947/100/0/threaded
http://www.securityfocus.com/archive/1/455954/100/0/threaded
Bugtraq: 20070108 rPSA-2007-0001-1 openoffice.org (Google Search)
http://www.securityfocus.com/archive/1/456271/100/100/threaded
CERT/CC vulnerability note: VU#220288
http://www.kb.cert.org/vuls/id/220288
Debian Security Information: DSA-1246 (Google Search)
http://www.debian.org/security/2007/dsa-1246
http://fedoranews.org/cms/node/2344
http://security.gentoo.org/glsa/glsa-200701-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:006
http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/
http://osvdb.org/32610
http://osvdb.org/32611
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145
http://www.redhat.com/support/errata/RHSA-2007-0001.html
http://securitytracker.com/id?1017466
http://secunia.com/advisories/23549
http://secunia.com/advisories/23600
http://secunia.com/advisories/23612
http://secunia.com/advisories/23616
http://secunia.com/advisories/23620
http://secunia.com/advisories/23682
http://secunia.com/advisories/23683
http://secunia.com/advisories/23711
http://secunia.com/advisories/23712
http://secunia.com/advisories/23762
http://secunia.com/advisories/23920
SGI Security Advisory: 20070101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1
SuSE Security Announcement: SUSE-SA:2007:001 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html
http://www.ubuntu.com/usn/usn-406-1
http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly
http://www.vupen.com/english/advisories/2007/0031
http://www.vupen.com/english/advisories/2007/0059
XForce ISS Database: openoffice-wmf-bo(31257)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31257
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.