Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2007:001: OpenOffice_org


Vulnerability Assessment Details

SUSE-SA:2007:001: OpenOffice_org

Vulnerability Assessment Summary
Check for the version of the OpenOffice_org package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2007:001 (OpenOffice_org).


Security problems were fixed in the WMF and Enhanced WMF handling
in OpenOffice_org These could potentially be used to execute code
or crash OpenOffice when a user could be convinced to open specially
crafted document (for instance a document sent by E-mail).

This issue is tracked by the Mitre CVE ID CVE-2006-5870.

openSUSE 10.2 is not affected by this problem, it already contains
the fixed OpenOffice_org 2.1 version.

Additionally the OpenOffice_org 2.0 version in SLED 10 was fitted with
hooks to add OfficeXML support with a later update.

Due to the very large size of this update and mirror lag it might
take some hours or days until the updates are available on our mirrors.


Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2007_01_openoffice.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors

HP Z600 Workstation Xeon E5520 2.27GHz 8GB RAM 500GB HDD NO OS
$165.0
HP Z600 Workstation Xeon E5520 2.27GHz 8GB RAM 500GB HDD NO OS pictureIntel Xeon E5-2683v3 OEM 14-Core 2.0GHz (Turbo 3.0GHz) SR1XH
$0.99
Intel Xeon E5-2683v3 OEM 14-Core 2.0GHz (Turbo 3.0GHz) SR1XH pictureIntel Xeon E7-8890 v3 18-Core 2.5GHz SR21V Haswell-EX Processor - Grade A
$2199.99
Intel Xeon E7-8890 v3 18-Core 2.5GHz SR21V Haswell-EX Processor - Grade A pictureIntel Xeon X5670 2.93GHz/12M/1333MHz Six Core 95W (SLBV7)
$299.0
Intel Xeon X5670 2.93GHz/12M/1333MHz Six Core 95W (SLBV7) picture


Discussions

No Discussions have been posted on this vulnerability.