Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2007:001: OpenOffice_org

Vulnerability Assessment Details

SUSE-SA:2007:001: OpenOffice_org

Vulnerability Assessment Summary
Check for the version of the OpenOffice_org package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2007:001 (OpenOffice_org).

Security problems were fixed in the WMF and Enhanced WMF handling
in OpenOffice_org These could potentially be used to execute code
or crash OpenOffice when a user could be convinced to open specially
crafted document (for instance a document sent by E-mail).

This issue is tracked by the Mitre CVE ID CVE-2006-5870.

openSUSE 10.2 is not affected by this problem, it already contains
the fixed OpenOffice_org 2.1 version.

Additionally the OpenOffice_org 2.0 version in SLED 10 was fitted with
hooks to add OfficeXML support with a later update.

Due to the very large size of this update and mirror lag it might
take some hours or days until the updates are available on our mirrors.

Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2007_01_openoffice.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors