Test ID:	1.3.6.1.4.1.25623.1.0.840576
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-1056-1)
Summary:	The remote host is missing an update for the 'openoffice.org' package(s) announced via the USN-1056-1 advisory.
Description:	Summary: The remote host is missing an update for the 'openoffice.org' package(s) announced via the USN-1056-1 advisory. Vulnerability Insight: Charlie Miller discovered several heap overflows in PPT processing. If a user or automated system were tricked into opening a specially crafted PPT document, a remote attacker could execute arbitrary code with user privileges. Ubuntu 10.10 was not affected. (CVE-2010-2935, CVE-2010-2936) Marc Schoenefeld discovered that directory traversal was not correctly handled in XSLT, OXT, JAR, or ZIP files. If a user or automated system were tricked into opening a specially crafted document, a remote attacker overwrite arbitrary files, possibly leading to arbitrary code execution with user privileges. (CVE-2010-3450) Dan Rosenberg discovered multiple heap overflows in RTF and DOC processing. If a user or automated system were tricked into opening a specially crafted RTF or DOC document, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-3451, CVE-2010-3452, CVE-2010-3453, CVE-2010-3454) Dmitri Gribenko discovered that OpenOffice.org did not correctly handle LD_LIBRARY_PATH in various tools. If a local attacker tricked a user or automated system into using OpenOffice.org from an attacker-controlled directory, they could execute arbitrary code with user privileges. (CVE-2010-3689) Marc Schoenefeld discovered that OpenOffice.org did not correctly process PNG images. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-4253) It was discovered that OpenOffice.org did not correctly process TGA images. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-4643) Affected Software/OS: 'openoffice.org' package(s) on Ubuntu 8.04, Ubuntu 9.10, Ubuntu 10.04, Ubuntu 10.10. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2935 1024352 http://www.securitytracker.com/id?1024352 1024976 http://www.securitytracker.com/id?1024976 40775 http://secunia.com/advisories/40775 41052 http://secunia.com/advisories/41052 41235 http://secunia.com/advisories/41235 42927 http://secunia.com/advisories/42927 43105 http://secunia.com/advisories/43105 60799 http://secunia.com/advisories/60799 ADV-2010-2003 http://www.vupen.com/english/advisories/2010/2003 ADV-2010-2149 http://www.vupen.com/english/advisories/2010/2149 ADV-2010-2228 http://www.vupen.com/english/advisories/2010/2228 ADV-2010-2905 http://www.vupen.com/english/advisories/2010/2905 ADV-2011-0150 http://www.vupen.com/english/advisories/2011/0150 ADV-2011-0230 http://www.vupen.com/english/advisories/2011/0230 ADV-2011-0279 http://www.vupen.com/english/advisories/2011/0279 DSA-2099 http://www.debian.org/security/2010/dsa-2099 GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2010:221 http://www.mandriva.com/security/advisories?name=MDVSA-2010:221 RHSA-2010:0643 http://www.redhat.com/support/errata/RHSA-2010-0643.html SUSE-SR:2010:019 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SUSE-SR:2010:024 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html USN-1056-1 http://ubuntu.com/usn/usn-1056-1 [dev] 20100806 Two exploitable OpenOffice.org bugs! http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690 [oss-security] 20100811 CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow http://www.openwall.com/lists/oss-security/2010/08/11/1 [oss-security] 20100811 Re: CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow http://www.openwall.com/lists/oss-security/2010/08/11/4 http://securityevaluators.com/files/papers/CrashAnalysis.pdf http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html https://bugzilla.redhat.com/show_bug.cgi?id=622529 oval:org.mitre.oval:def:12063 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063 Common Vulnerability Exposure (CVE) ID: CVE-2010-2936 https://bugzilla.redhat.com/show_bug.cgi?id=622529#c6 https://bugzilla.redhat.com/show_bug.cgi?id=622555 oval:org.mitre.oval:def:12144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12144 Common Vulnerability Exposure (CVE) ID: CVE-2010-3450 1025002 http://www.securitytracker.com/id?1025002 42999 http://secunia.com/advisories/42999 43065 http://secunia.com/advisories/43065 43118 http://secunia.com/advisories/43118 46031 http://www.securityfocus.com/bid/46031 70711 http://osvdb.org/70711 ADV-2011-0232 http://www.vupen.com/english/advisories/2011/0232 DSA-2151 http://www.debian.org/security/2011/dsa-2151 MDVSA-2011:027 http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 RHSA-2011:0181 http://www.redhat.com/support/errata/RHSA-2011-0181.html RHSA-2011:0182 http://www.redhat.com/support/errata/RHSA-2011-0182.html http://www.openoffice.org/security/cves/CVE-2010-3450.html http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html https://bugzilla.redhat.com/show_bug.cgi?id=602324 Common Vulnerability Exposure (CVE) ID: CVE-2010-3451 70712 http://osvdb.org/70712 http://www.cs.brown.edu/people/drosenbe/research.html http://www.openoffice.org/security/cves/CVE-2010-3451_CVE-2010-3452.html http://www.vsecurity.com/resources/advisory/20110126-1 https://bugzilla.redhat.com/show_bug.cgi?id=641282 ooo-rtf-ce(65030) https://exchange.xforce.ibmcloud.com/vulnerabilities/65030 Common Vulnerability Exposure (CVE) ID: CVE-2010-3452 70713 http://osvdb.org/70713 https://bugzilla.redhat.com/show_bug.cgi?id=640241 ooo-oowriter-ce(65031) https://exchange.xforce.ibmcloud.com/vulnerabilities/65031 Common Vulnerability Exposure (CVE) ID: CVE-2010-3453 70714 http://osvdb.org/70714 http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html https://bugzilla.redhat.com/show_bug.cgi?id=640950 Common Vulnerability Exposure (CVE) ID: CVE-2010-3454 70715 http://osvdb.org/70715 https://bugzilla.redhat.com/show_bug.cgi?id=640954 Common Vulnerability Exposure (CVE) ID: CVE-2010-3689 1025004 http://www.securitytracker.com/id?1025004 70716 http://osvdb.org/70716 http://www.openoffice.org/security/cves/CVE-2010-3689.html https://bugzilla.redhat.com/show_bug.cgi?id=641224 Common Vulnerability Exposure (CVE) ID: CVE-2010-4253 70717 http://osvdb.org/70717 http://www.openoffice.org/security/cves/CVE-2010-4253.html https://bugzilla.redhat.com/show_bug.cgi?id=658259 Common Vulnerability Exposure (CVE) ID: CVE-2010-4643 70718 http://osvdb.org/70718 http://www.openoffice.org/security/cves/CVE-2010-4643.html https://bugzilla.redhat.com/show_bug.cgi?id=667588 ooo-tga-bo(65441) https://exchange.xforce.ibmcloud.com/vulnerabilities/65441
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.