English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59954
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DSA-1419-1)
Summary:The remote host is missing an update for the Debian 'hsqldb, openoffice.org' package(s) announced via the DSA-1419-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'hsqldb, openoffice.org' package(s) announced via the DSA-1419-1 advisory.

Vulnerability Insight:
A vulnerability has been discovered in HSQLDB, the default database engine shipped with OpenOffice.org. This could result in the execution of arbitrary Java code embedded in a OpenOffice.org database document with the user's privilege. This update requires an update of both openoffice.org and hsqldb.

The old stable distribution (sarge) is not affected by this problem.

For the stable distribution (etch) this problem has been fixed in version 2.0.4.dfsg.2-7etch4 of OpenOffice.org and in version 1.8.0.7-1etch1 of hsqldb.

For the unstable distribution (sid) this problem has been fixed in version 2.3.1-1 of OpenOffice.org and in version 1.8.0.9-2 of hsqldb.

For the experimental distribution this problem has been fixed in version 2.3.1~
rc1-1 of OpenOffice.org and in version 1.8.0.9-1 of hsqldb.

We recommend that you upgrade your OpenOffice.org and hsqldb packages.

Affected Software/OS:
'hsqldb, openoffice.org' package(s) on Debian 4.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-4575
1019041
http://www.securitytracker.com/id?1019041
103141
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103141-1
200637
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200637-1
26703
http://www.securityfocus.com/bid/26703
27914
http://secunia.com/advisories/27914
27916
http://secunia.com/advisories/27916
27928
http://secunia.com/advisories/27928
27931
http://secunia.com/advisories/27931
27972
http://secunia.com/advisories/27972
28018
http://secunia.com/advisories/28018
28039
http://secunia.com/advisories/28039
28286
http://secunia.com/advisories/28286
28585
http://secunia.com/advisories/28585
30100
http://secunia.com/advisories/30100
ADV-2007-4092
http://www.vupen.com/english/advisories/2007/4092
ADV-2007-4146
http://www.vupen.com/english/advisories/2007/4146
DSA-1419
http://www.debian.org/security/2007/dsa-1419
FEDORA-2007-4119
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00753.html
FEDORA-2007-4120
http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00134.html
FEDORA-2007-4171
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00678.html
FEDORA-2007-4172
http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00155.html
FEDORA-2007-762
http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00281.html
GLSA-200712-25
http://www.gentoo.org/security/en/glsa/glsa-200712-25.xml
MDVSA-2008:095
http://www.mandriva.com/security/advisories?name=MDVSA-2008:095
RHSA-2007:1048
http://www.redhat.com/support/errata/RHSA-2007-1048.html
RHSA-2007:1090
http://www.redhat.com/support/errata/RHSA-2007-1090.html
RHSA-2008:0151
http://www.redhat.com/support/errata/RHSA-2008-0151.html
RHSA-2008:0158
http://www.redhat.com/support/errata/RHSA-2008-0158.html
RHSA-2008:0213
http://www.redhat.com/support/errata/RHSA-2008-0213.html
SUSE-SA:2007:067
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00005.html
USN-609-1
http://www.ubuntu.com/usn/usn-609-1
http://bugs.gentoo.org/show_bug.cgi?id=200771
http://bugs.gentoo.org/show_bug.cgi?id=201799
http://www.openoffice.org/security/cves/CVE-2007-4575.html
openoffice-hsqldb-code-execution(38882)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38882
oval:org.mitre.oval:def:10153
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10153
CopyrightCopyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.