Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0176
HistoryApr 17, 2008 - 11:18 p.m.

openoffice.org security update

2008-04-1723:18:44
CentOS Project
lists.centos.org
55

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.924 High

EPSS

Percentile

99.0%

JSON

CentOS Errata and Security Advisory CESA-2008:0176

OpenOffice.org is an office productivity suite that includes desktop
applications such as a word processor, spreadsheet, presentation manager,
formula editor, and drawing program.

A heap overflow flaw was found in the EMF parser. An attacker could create
a carefully crafted EMF file that could cause OpenOffice.org to crash or
possibly execute arbitrary code if the malicious EMF image was added to a
document or if a document containing the malicious EMF file was opened by a
victim. (CVE-2007-5746)

A heap overflow flaw was found in the OLE Structured Storage file parser.
(OLE Structured Storage is a format used by Microsoft Office documents.) An
attacker could create a carefully crafted OLE file that could cause
OpenOffice.org to crash or possibly execute arbitrary code if the file was
opened by a victim. (CVE-2008-0320)

All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain backported fixes to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-April/076986.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076987.html
https://lists.centos.org/pipermail/centos-announce/2008-April/077012.html
https://lists.centos.org/pipermail/centos-announce/2008-April/077013.html

Affected packages:
openoffice.org
openoffice.org-i18n
openoffice.org-kde
openoffice.org-libs

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0176

OSVersionArchitecturePackageVersionFilename
CentOS3i386openoffice.org<Β 1.1.2-41.2.0.EL3openoffice.org-1.1.2-41.2.0.EL3.i386.rpm
CentOS3i386openoffice.org-i18n<Β 1.1.2-41.2.0.EL3openoffice.org-i18n-1.1.2-41.2.0.EL3.i386.rpm
CentOS3i386openoffice.org-libs<Β 1.1.2-41.2.0.EL3openoffice.org-libs-1.1.2-41.2.0.EL3.i386.rpm
CentOS3i386openoffice.org<Β 1.1.2-41.2.0.EL3openoffice.org-1.1.2-41.2.0.EL3.i386.rpm
CentOS3i386openoffice.org-i18n<Β 1.1.2-41.2.0.EL3openoffice.org-i18n-1.1.2-41.2.0.EL3.i386.rpm
CentOS3i386openoffice.org-libs<Β 1.1.2-41.2.0.EL3openoffice.org-libs-1.1.2-41.2.0.EL3.i386.rpm
CentOS4i386openoffice.org<Β 1.1.5-10.6.0.3.EL4openoffice.org-1.1.5-10.6.0.3.EL4.i386.rpm
CentOS4i386openoffice.org-i18n<Β 1.1.5-10.6.0.3.EL4openoffice.org-i18n-1.1.5-10.6.0.3.EL4.i386.rpm
CentOS4i386openoffice.org-kde<Β 1.1.5-10.6.0.3.EL4openoffice.org-kde-1.1.5-10.6.0.3.EL4.i386.rpm
CentOS4i386openoffice.org-libs<Β 1.1.5-10.6.0.3.EL4openoffice.org-libs-1.1.5-10.6.0.3.EL4.i386.rpm
Rows per page:
1-10 of 141

Related

openvas 37
nessus 17
redhat 2
oraclelinux 1
centos 1
securityvulns 3
osv 1
seebug 2
debian 1
prion 2
ubuntucve 2
cve 2
cvelist 2
nvd 2
ubuntu 1
checkpoint_advisories 2
saint 4
fedora 6
packetstorm 1
metasploit 1
suse 1
gentoo 1
exploitdb 1
openvas
openvas
CentOS Update for openoffice.org CESA-2008:0176 centos3 i386
2009-02-27 00:00:00
CentOS Update for openoffice.org CESA-2008:0176 centos4 x86_64
2009-02-27 00:00:00
CentOS Update for openoffice.org CESA-2008:0176 centos4 i386
2009-02-27 00:00:00
nessus
nessus
Scientific Linux Security Update : openoffice.org on SL3.x, SL4.x i386/x86_64
2012-08-01 00:00:00
CentOS 3 / 4 : openoffice.org (CESA-2008:0176)
2008-04-22 00:00:00
Oracle Linux 3 / 4 : openoffice.org (ELSA-2008-0176)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2008:0176) Important: openoffice.org security update
2008-04-17 00:00:00
(RHSA-2008:0175) Important: openoffice.org security update
2008-04-17 00:00:00
oraclelinux
oraclelinux
openoffice.org security update
2008-04-18 00:00:00
centos
centos
openoffice.org, openoffice.org2 security update
2008-04-21 09:57:54
securityvulns
securityvulns
OpenOffice multiple security vulnerabilities
2008-04-20 00:00:00
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
2008-04-20 00:00:00
iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability
2008-04-20 00:00:00
osv
osv
openoffice.org
2008-04-17 00:00:00
seebug
seebug
OpenOffice倚δΈͺηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž
2008-04-19 00:00:00
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
2014-07-01 00:00:00
debian
debian
[SECURITY] [DSA 1547-1] New OpenOffice.org packages fix arbitrary code execution
2008-04-17 10:13:30
prion
prion
Integer overflow
2008-04-17 19:05:00
Heap overflow
2008-04-17 19:05:00
ubuntucve
ubuntucve
CVE-2007-5746
2008-04-17 00:00:00
CVE-2008-0320
2008-04-17 00:00:00
cve
cve
CVE-2007-5746
2008-04-17 19:05:00
CVE-2008-0320
2008-04-17 19:05:00
cvelist
cvelist
CVE-2007-5746
2008-04-17 17:00:00
CVE-2008-0320
2008-04-17 17:00:00
nvd
nvd
CVE-2007-5746
2008-04-17 19:05:00
CVE-2008-0320
2008-04-17 19:05:00
ubuntu
ubuntu
OpenOffice.org vulnerabilities
2008-05-06 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenOffice EMF File EMR_BITBLT Record Integer Overflow (CVE-2007-5746)
2010-06-02 00:00:00
OpenOffice OLE File Stream Buffer Overflow (CVE-2008-0320)
2009-10-05 00:00:00
saint
saint
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
2008-06-20 00:00:00
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
2008-06-20 00:00:00
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
2008-06-20 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: openoffice.org-2.3.0-6.14.fc8
2008-04-22 22:41:54
[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.8.fc7
2008-05-17 22:26:21
[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.9.fc7
2008-06-11 23:34:19
packetstorm
packetstorm
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
2012-05-24 00:00:00
metasploit
metasploit
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
2012-05-23 15:14:11
suse
suse
local privilege escalation in OpenOffice_org
2008-04-18 09:57:35
gentoo
gentoo
OpenOffice.org: Multiple vulnerabilities
2008-05-14 00:00:00
exploitdb
exploitdb
OpenOffice - OLE Importer DocumentSummaryInformation Stream Handling Overflow (Metasploit)
2012-05-25 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.924 High

EPSS

Percentile

99.0%

JSON
Related for CESA-2008:0176
openvas37nessus17redhat2oraclelinux1centos1securityvulns3osv1seebug2debian1prion2ubuntucve2cve2cvelist2nvd2ubuntu1checkpoint_advisories2saint4fedora6packetstorm1metasploit1suse1gentoo1exploitdb1