ID de Prueba:	1.3.6.1.4.1.25623.1.0.58173
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:073 (openoffice.org)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openoffice.org announced via advisory MDKSA-2007:073. Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. (CVE-2007-0239) Updated packages have been patched to correct these issues. Affected: 2007.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:073 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0238 BugTraq ID: 23067 http://www.securityfocus.com/bid/23067 Bugtraq: 20070404 High Risk Vulnerability in OpenOffice (Google Search) http://www.securityfocus.com/archive/1/464724/100/0/threaded Debian Security Information: DSA-1270 (Google Search) http://www.debian.org/security/2007/dsa-1270 http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:073 http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8968 http://www.redhat.com/support/errata/RHSA-2007-0033.html http://www.redhat.com/support/errata/RHSA-2007-0069.html http://www.securitytracker.com/id?1017799 http://secunia.com/advisories/24465 http://secunia.com/advisories/24550 http://secunia.com/advisories/24588 http://secunia.com/advisories/24613 http://secunia.com/advisories/24646 http://secunia.com/advisories/24647 http://secunia.com/advisories/24676 http://secunia.com/advisories/24810 http://secunia.com/advisories/24906 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102794-1 SuSE Security Announcement: SUSE-SA:2007:023 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html http://www.ubuntu.com/usn/usn-444-1 http://www.vupen.com/english/advisories/2007/1032 http://www.vupen.com/english/advisories/2007/1117 XForce ISS Database: openoffice-starcalc-bo(33112) https://exchange.xforce.ibmcloud.com/vulnerabilities/33112 Common Vulnerability Exposure (CVE) ID: CVE-2007-0239 BugTraq ID: 22812 http://www.securityfocus.com/bid/22812 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11422 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102807-1 XForce ISS Database: openoffice-shell-command-execution(33113) https://exchange.xforce.ibmcloud.com/vulnerabilities/33113
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.