ID de Prueba:	1.3.6.1.4.1.25623.1.0.58883
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0069
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0069. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. John Heasman discovered a stack overflow in the StarCalc parser in OpenOffice. An attacker could create a carefully crafted StarCalc file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-0238) Flaws were discovered in the way OpenOffice.org handled hyperlinks. An attacker could create an OpenOffice.org document which could run commands if a victim opened the file and clicked on a malicious hyperlink. (CVE-2007-0239) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported fix to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0069.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0238 BugTraq ID: 23067 http://www.securityfocus.com/bid/23067 Bugtraq: 20070404 High Risk Vulnerability in OpenOffice (Google Search) http://www.securityfocus.com/archive/1/464724/100/0/threaded Debian Security Information: DSA-1270 (Google Search) http://www.debian.org/security/2007/dsa-1270 http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:073 http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8968 http://www.redhat.com/support/errata/RHSA-2007-0033.html http://www.redhat.com/support/errata/RHSA-2007-0069.html http://www.securitytracker.com/id?1017799 http://secunia.com/advisories/24465 http://secunia.com/advisories/24550 http://secunia.com/advisories/24588 http://secunia.com/advisories/24613 http://secunia.com/advisories/24646 http://secunia.com/advisories/24647 http://secunia.com/advisories/24676 http://secunia.com/advisories/24810 http://secunia.com/advisories/24906 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102794-1 SuSE Security Announcement: SUSE-SA:2007:023 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html http://www.ubuntu.com/usn/usn-444-1 http://www.vupen.com/english/advisories/2007/1032 http://www.vupen.com/english/advisories/2007/1117 XForce ISS Database: openoffice-starcalc-bo(33112) https://exchange.xforce.ibmcloud.com/vulnerabilities/33112 Common Vulnerability Exposure (CVE) ID: CVE-2007-0239 BugTraq ID: 22812 http://www.securityfocus.com/bid/22812 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11422 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102807-1 XForce ISS Database: openoffice-shell-command-execution(33113) https://exchange.xforce.ibmcloud.com/vulnerabilities/33113
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.