Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2007:1048
HistoryDec 05, 2007 - 12:00 a.m.

(RHSA-2007:1048) Moderate: openoffice.org, hsqldb security update

2007-12-0500:00:00
access.redhat.com
34

0.109 Low

EPSS

Percentile

95.1%

JSON

OpenOffice.org is an office productivity suite.
HSQLDB is a Java relational database engine used by OpenOffice.org Base.

It was discovered that HSQLDB could allow the execution of arbitrary public
static Java methods. A carefully crafted odb file opened in OpenOffice.org
Base could execute arbitrary commands with the permissions of the user
running OpenOffice.org. (CVE-2007-4575)

It was discovered that HSQLDB did not have a password set on the ‘sa’ user.
If HSQLDB has been configured as a service, a remote attacker who could
connect to the HSQLDB port (tcp 9001) could execute arbitrary SQL commands.
(CVE-2003-0845)

Note that in Red Hat Enterprise Linux 5, HSQLDB is not enabled as a service
by default, and needs manual configuration in order to work as a service.

Users of OpenOffice.org or HSQLDB should update to these errata packages
which contain backported patches to correct these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64openoffice.org-langpack-nr_za< 2.0.4-5.4.25openoffice.org-langpack-nr_ZA-2.0.4-5.4.25.x86_64.rpm
RedHatanyi386openoffice.org-math< 2.0.4-5.4.25openoffice.org-math-2.0.4-5.4.25.i386.rpm
RedHatanyi386openoffice.org-langpack-hu_hu< 2.0.4-5.4.25openoffice.org-langpack-hu_HU-2.0.4-5.4.25.i386.rpm
RedHatanyx86_64openoffice.org-xsltfilter< 2.0.4-5.4.25openoffice.org-xsltfilter-2.0.4-5.4.25.x86_64.rpm
RedHatanyi386openoffice.org-impress< 2.0.4-5.4.25openoffice.org-impress-2.0.4-5.4.25.i386.rpm
RedHatanyx86_64openoffice.org-impress< 2.0.4-5.4.25openoffice.org-impress-2.0.4-5.4.25.x86_64.rpm
RedHatanyi386hsqldb-manual< 1.8.0.4-3jpp.6hsqldb-manual-1.8.0.4-3jpp.6.i386.rpm
RedHatanyi386openoffice.org-langpack-pt_pt< 2.0.4-5.4.25openoffice.org-langpack-pt_PT-2.0.4-5.4.25.i386.rpm
RedHatanyi386openoffice.org-langpack-ja_jp< 2.0.4-5.4.25openoffice.org-langpack-ja_JP-2.0.4-5.4.25.i386.rpm
RedHatanyx86_64openoffice.org-langpack-zh_tw< 2.0.4-5.4.25openoffice.org-langpack-zh_TW-2.0.4-5.4.25.x86_64.rpm
Rows per page:
1-10 of 1561

Related

nessus 36
centos 1
cve 5
nvd 5
cvelist 4
fedora 9
openvas 33
securityvulns 2
debian 1
suse 1
seebug 2
gentoo 1
debiancve 1
redhat 2
ubuntucve 1
canvas 1
prion 2
veracode 1
ubuntu 1
nessus
nessus
CentOS 5 : openoffice.org / hsqldb (CESA-2007:1048)
2010-01-06 00:00:00
RHEL 5 : openoffice.org, hsqldb (RHSA-2007:1048)
2013-01-24 00:00:00
Scientific Linux Security Update : openoffice.org, hsqldb on SL5.x i386/x86_64
2012-08-01 00:00:00
centos
centos
hsqldb, openoffice.org security update
2008-01-19 00:14:54
cve
cve
CVE-2003-0845
2003-11-17 05:00:00
CVE-2007-4575
2007-12-06 02:46:00
CVE-2005-2158
2005-07-06 04:00:00
nvd
nvd
CVE-2003-0845
2003-11-17 05:00:00
CVE-2007-4575
2007-12-06 02:46:00
CVE-2005-4668
2005-12-31 05:00:00
cvelist
cvelist
CVE-2003-0845
2003-10-09 04:00:00
CVE-2007-4575
2007-12-06 02:00:00
CVE-2005-4668
2006-01-26 22:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: openoffice.org-2.0.4-5.5.25
2007-12-07 17:31:39
[SECURITY] Fedora 8 Update: openoffice.org-2.3.0-6.7.fc8
2007-12-07 18:22:50
[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.5.fc7
2007-12-07 18:17:15
openvas
openvas
Fedora Update for hsqldb FEDORA-2007-4171
2009-02-24 00:00:00
Fedora Update for openoffice.org FEDORA-2007-762
2009-02-27 00:00:00
SuSE Update for OpenOffice_org SUSE-SA:2007:067
2009-01-28 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution
2007-12-05 00:00:00
hsqldb / OpenOffice code execution
2007-12-05 00:00:00
debian
debian
[SECURITY] [DSA 1419-1] New OpenOffice.org packages fix arbitrary Java code execution
2007-12-05 15:19:43
suse
suse
remote code execution in OpenOffice_org
2007-12-11 13:56:46
seebug
seebug
OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
2008-01-01 00:00:00
OpenOffice HSQLDB数据库引擎Java代码执行漏洞
2007-12-13 00:00:00
gentoo
gentoo
OpenOffice.org: User-assisted arbitrary code execution
2007-12-30 00:00:00
debiancve
debiancve
CVE-2007-4575
2007-12-06 02:46:00
redhat
redhat
(RHSA-2007:1090) Moderate: openoffice.org2 security update
2007-12-05 00:00:00
(RHSA-2008:0158) Moderate: JBoss Enterprise Application Platform security update
2008-03-24 00:00:00
ubuntucve
ubuntucve
CVE-2007-4575
2007-12-06 00:00:00
canvas
canvas
Immunity Canvas: OOO_230
2007-12-06 02:46:00
prion
prion
Design/Logic Flaw
2007-12-06 02:46:00
Design/Logic Flaw
2008-01-29 02:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-09-05 01:13:14
ubuntu
ubuntu
OpenOffice.org vulnerabilities
2008-05-06 00:00:00

0.109 Low

EPSS

Percentile

95.1%

JSON
Related for RHSA-2007:1048
nessus36centos1cve5nvd5cvelist4fedora9openvas33securityvulns2debian1suse1seebug2gentoo1debiancve1redhat2ubuntucve1canvas1prion2veracode1ubuntu1