Test ID:	1.3.6.1.4.1.25623.1.0.59934
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2007:1090
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2007:1090. OpenOffice.org is an office productivity suite. HSQLDB is the default database engine shipped with OpenOffice.org 2. It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. (CVE-2007-4575) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-1090.html http://www.openoffice.org/security/cves/CVE-2007-4575.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4575 1019041 http://www.securitytracker.com/id?1019041 103141 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103141-1 200637 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200637-1 26703 http://www.securityfocus.com/bid/26703 27914 http://secunia.com/advisories/27914 27916 http://secunia.com/advisories/27916 27928 http://secunia.com/advisories/27928 27931 http://secunia.com/advisories/27931 27972 http://secunia.com/advisories/27972 28018 http://secunia.com/advisories/28018 28039 http://secunia.com/advisories/28039 28286 http://secunia.com/advisories/28286 28585 http://secunia.com/advisories/28585 30100 http://secunia.com/advisories/30100 ADV-2007-4092 http://www.vupen.com/english/advisories/2007/4092 ADV-2007-4146 http://www.vupen.com/english/advisories/2007/4146 DSA-1419 http://www.debian.org/security/2007/dsa-1419 FEDORA-2007-4119 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00753.html FEDORA-2007-4120 http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00134.html FEDORA-2007-4171 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00678.html FEDORA-2007-4172 http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00155.html FEDORA-2007-762 http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00281.html GLSA-200712-25 http://www.gentoo.org/security/en/glsa/glsa-200712-25.xml MDVSA-2008:095 http://www.mandriva.com/security/advisories?name=MDVSA-2008:095 RHSA-2007:1048 http://www.redhat.com/support/errata/RHSA-2007-1048.html RHSA-2007:1090 http://www.redhat.com/support/errata/RHSA-2007-1090.html RHSA-2008:0151 http://www.redhat.com/support/errata/RHSA-2008-0151.html RHSA-2008:0158 http://www.redhat.com/support/errata/RHSA-2008-0158.html RHSA-2008:0213 http://www.redhat.com/support/errata/RHSA-2008-0213.html SUSE-SA:2007:067 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00005.html USN-609-1 http://www.ubuntu.com/usn/usn-609-1 http://bugs.gentoo.org/show_bug.cgi?id=200771 http://bugs.gentoo.org/show_bug.cgi?id=201799 http://www.openoffice.org/security/cves/CVE-2007-4575.html openoffice-hsqldb-code-execution(38882) https://exchange.xforce.ibmcloud.com/vulnerabilities/38882 oval:org.mitre.oval:def:10153 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10153
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.