GLSA-200712-25

OpenOffice.org: User-assisted arbitrary code execution

Published: 2007-12-30 00:00:00
Gentoo Foundation, security.gentoo.org

CVSS2: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
EPSS: 0.026 (Percentile 90.6%)

Background

OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities.

Description

The HSQLDB engine, as used in OpenOffice.org, does not properly enforce restrictions on SQL statements.

Impact

A remote attacker could entice a user to open a specially crafted document, possibly resulting in the remote execution of arbitrary Java code with the privileges of the user running OpenOffice.org.

Workaround

There is no known workaround at this time.

Resolution

All OpenOffice.org users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-office/openoffice-2.3.1"

All OpenOffice.org binary users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-office/openoffice-bin-2.3.1"

All HSQLDB users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/hsqldb-1.8.0.9"

Affected packages

OS      Version  Architecture  Package                    Version    Filename
Gentoo  any      all           app-office/openoffice      < 2.3.1    UNKNOWN
Gentoo  any      all           app-office/openoffice-bin  < 2.3.1    UNKNOWN
Gentoo  any      all           dev-db/hsqldb              < 1.8.0.9  UNKNOWN
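The affected-package table above only tells you the fixed versions; deciding whether a given installed version is below them needs Gentoo's version ordering (numeric components, optional suffixes such as _rc2 or _p1, and -rN revisions). The following is an added example, not part of the advisory or of Gentoo's tooling: it parses the advisory's own ">=category/package-version" atoms, implements a simplified version comparison (an assumption of this example: numeric components compare as integers and the leading-zero rule for components like "1.01" is not modelled), and reports which packages in a constructed sample inventory are still affected. On a live system the installed versions would be read from Portage's installed-package database (/var/db/pkg) rather than from the embedded dict.

```python
import re

# Fixed versions from the advisory's affected-packages table (GLSA-200712-25);
# any installed version below these is affected.
FIXED_ATOMS = [
    ">=app-office/openoffice-2.3.1",
    ">=app-office/openoffice-bin-2.3.1",
    ">=dev-db/hsqldb-1.8.0.9",
]

# Ordering of Gentoo version suffixes: _alpha < _beta < _pre < _rc < (none) < _p
SUFFIX_RANK = {"alpha": -4, "beta": -3, "pre": -2, "rc": -1, "p": 1}

# '>=cat/pkg-1.2.3' -> package 'cat/pkg', version '1.2.3'; the operator is ignored.
ATOM_RE = re.compile(r"^(?:>=|<=|>|<|=)?(?P<pkg>[^/]+/.+?)-(?P<ver>\d[^-]*(?:-r\d+)?)$")
VERSION_RE = re.compile(
    r"^(?P<num>\d+(?:\.\d+)*)(?P<letter>[a-z])?"
    r"(?P<suffixes>(?:_(?:alpha|beta|pre|rc|p)\d*)*)(?:-r(?P<rev>\d+))?$"
)


def parse_atom(atom):
    """Split a versioned atom into (package, version)."""
    m = ATOM_RE.match(atom)
    if not m:
        raise ValueError(f"not a versioned atom: {atom}")
    return m.group("pkg"), m.group("ver")


def parse_version(version):
    """Break a version into (numeric parts, letter, suffixes, revision).

    Simplified model of Gentoo's version ordering (assumption of this example):
    numeric components compare as integers; no leading-zero handling.
    """
    m = VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unparseable version: {version}")
    nums = tuple(int(x) for x in m.group("num").split("."))
    letter = ord(m.group("letter")) - ord("a") + 1 if m.group("letter") else 0
    suffixes = tuple(
        (SUFFIX_RANK[name], int(count or 0))
        for name, count in re.findall(r"_([a-z]+)(\d*)", m.group("suffixes"))
    )
    return nums, letter, suffixes, int(m.group("rev") or 0)


def _sign(x, y):
    return (x > y) - (x < y)


def compare_versions(a, b):
    """Return -1, 0 or 1 as version a is lower than, equal to or higher than b."""
    na, la, sa, ra = parse_version(a)
    nb, lb, sb, rb = parse_version(b)
    if na != nb:
        return _sign(na, nb)  # tuple order gives 2.3 < 2.3.1 and 1.8.0.9 < 1.8.0.10
    if la != lb:
        return _sign(la, lb)
    # Pad the shorter suffix list with the "no suffix" marker (0, 0) so that
    # 2.3.1_rc2 < 2.3.1 < 2.3.1_p1 comes out right.
    width = max(len(sa), len(sb))
    sa += ((0, 0),) * (width - len(sa))
    sb += ((0, 0),) * (width - len(sb))
    if sa != sb:
        return _sign(sa, sb)
    return _sign(ra, rb)


def fixed_versions(atoms=FIXED_ATOMS):
    """Map package -> minimum fixed version, taken from the advisory's atoms."""
    return dict(parse_atom(a) for a in atoms)


def vulnerable_packages(installed, atoms=FIXED_ATOMS):
    """Return the installed packages whose version is below the fixed one.

    installed: dict package -> version (here a constructed sample; on a real
    host this comes from /var/db/pkg).
    """
    fixed = fixed_versions(atoms)
    return [
        pkg for pkg, ver in installed.items()
        if pkg in fixed and compare_versions(ver, fixed[pkg]) < 0
    ]


if __name__ == "__main__":
    # Constructed sample inventory, not taken from a real host.
    sample = {
        "app-office/openoffice": "2.3.0",
        "app-office/openoffice-bin": "2.3.1",
        "dev-db/hsqldb": "1.8.0.7-r1",
        "dev-java/sun-jdk": "1.5.0.13",
    }
    for pkg in vulnerable_packages(sample):
        print(f"{pkg}-{sample[pkg]} is below fixed version {fixed_versions()[pkg]}")
```

Running the block reports app-office/openoffice-2.3.0 and dev-db/hsqldb-1.8.0.7-r1 as still affected, while openoffice-bin-2.3.1 matches the fixed version and the unrelated package is ignored. Note that the revision "-r1" on hsqldb does not help: revisions only order within the same upstream version, so 1.8.0.7-r1 is still below 1.8.0.9.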
