English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.72069
Category:Mandrake Local Security Checks
Title:Mandriva Security Advisory MDVSA-2011:172 (libreoffice)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to libreoffice
announced via advisory MDVSA-2011:172.

Multiple vulnerabilies has been discovered and corrected in
libreoffice:

Stack-based buffer overflow in the Lotus Word Pro import filter in
LibreOffice before 3.3.3 allows remote attackers to execute arbitrary
code via a crafted .lwp file (CVE-2011-2685).

oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows
user-assisted remote attackers to cause a denial of service (crash)
via a crafted DOC file that triggers an out-of-bounds read in the
DOC sprm parser (CVE-2011-2713).

This update brings a new LibreOffice version 3.4.3 release linked
against stdc++ and gcc_s standard libraries available in the Mandriva
2011 and solves installing conflicts with libstdc++ (#64224).

The package clipart-openclipart was dropped from the main
repository in the Mandriva 2011. However it is not required
having clipart-openclipart installed in order to install
libreoffice-openclipart as the LibreOffice still provides some cliparts
directly in that package (#63634).

This update fixes some OpenOffice.org leftovers in some packages
description replacing that by LibreOffice (#64658).

This update brings new LibreOffice l10n locale packages: Assanese as,
Bengali bn, Dzongkha dz, Farsi fa, Irish ga, Galician gl, Gujarati
gu, Croatian hr, Kannada kn, Lithuanian lt, Latvian lv, Maithili mai,
Malayalam ml, Marathi mr, Ndebele nr, Northern Shoto nso, Oriya or,
Punjabi pa_IN, Romanian ro, Secwepemctsin sh, Sinhalese si, Serbian
sr, Swati ss, Shoto st, Telugu te, Thai th, Tswana tn, Tsonga ts,
Ukrainian uk, Venda ve and Xhosa xh. Help packages are also provided
for: bn, dz, gl, gu, hr, si and uk.

Additionally the gaupol packages are being provided to solve a build
dependcy of some of the supporting tools already added into 2011.

The updated packages have been upgraded to LibreOffice version 3.4.3
where these isssues has been resolved.

Affected: 2011.

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:172

Risk factor : High

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-2685
CERT/CC vulnerability note: VU#953183
http://www.kb.cert.org/vuls/id/953183
http://www.mandriva.com/security/advisories?name=MDVSA-2011:172
http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d
http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877
http://www.openwall.com/lists/oss-security/2011/07/06/13
http://www.openwall.com/lists/oss-security/2011/07/12/13
SuSE Security Announcement: openSUSE-SU-2011:1143 (Google Search)
http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2713
1026145
http://www.securitytracker.com/id?1026145
49969
http://www.securityfocus.com/bid/49969
50692
http://secunia.com/advisories/50692
60799
http://secunia.com/advisories/60799
76178
http://osvdb.org/76178
DSA-2315
http://www.debian.org/security/2011/dsa-2315
FEDORA-2011-14036
http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html
FEDORA-2011-14049
http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html
GLSA-201209-05
http://security.gentoo.org/glsa/glsa-201209-05.xml
GLSA-201408-19
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
MDVSA-2011:172
http://www.libreoffice.org/advisories/CVE-2011-2713/
https://bugzilla.redhat.com/show_bug.cgi?id=725668
openSUSE-SU-2011:1143
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.