Test Kennung:	1.3.6.1.4.1.25623.1.0.58151
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2007:023 (OpenOffice_org,libwpd)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2007:023. Several security problems were fixed in the Wordperfect converter library libwpd and OpenOffice_org: For SUSE Linux 10.1 this aligns the version with the one shipped with SUSE Linux Enterprise Desktop 10. - CVE-2007-0002: Various problems were fixed in libwpd in OpenOffice_org which could be used by remote attackers to potentially execute code or crash OpenOffice_org. This library is shipped stand-alone in openSUSE 10.2, but included in OpenOffice_org packages in previous distributions. - CVE-2007-0238: A stack overflow in the StarCalc parser could be used by remote attackers to potentially execute code by supplying a crafted document. This was reported by NGS Software to the OpenOffice team. - CVE-2007-0239: A shell quoting problem when opening URLs was fixed which could be used by remote attackers to execute code by supplying a crafted document and making the user click on an embedded link. Also support for the ODF - OpenXML converter was added to the OpenOffice_org packages. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2007:023 Risk factor : Critical CVSS Score: 9.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0002 BugTraq ID: 23006 http://www.securityfocus.com/bid/23006 Bugtraq: 20070316 rPSA-2007-0057-1 libwpd (Google Search) http://www.securityfocus.com/archive/1/463033/100/0/threaded Debian Security Information: DSA-1268 (Google Search) http://www.debian.org/security/2007/dsa-1268 Debian Security Information: DSA-1270 (Google Search) http://www.debian.org/security/2007/dsa-1270 http://fedoranews.org/cms/node/2805 http://security.gentoo.org/glsa/glsa-200704-07.xml http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490 http://www.mandriva.com/security/advisories?name=MDKSA-2007:063 http://www.mandriva.com/security/advisories?name=MDKSA-2007:064 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11535 http://www.redhat.com/support/errata/RHSA-2007-0055.html http://www.securitytracker.com/id?1017789 http://secunia.com/advisories/24465 http://secunia.com/advisories/24507 http://secunia.com/advisories/24557 http://secunia.com/advisories/24572 http://secunia.com/advisories/24573 http://secunia.com/advisories/24580 http://secunia.com/advisories/24581 http://secunia.com/advisories/24588 http://secunia.com/advisories/24591 http://secunia.com/advisories/24593 http://secunia.com/advisories/24613 http://secunia.com/advisories/24794 http://secunia.com/advisories/24856 http://secunia.com/advisories/24906 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.399659 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1 SuSE Security Announcement: SUSE-SA:2007:023 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html http://www.ubuntu.com/usn/usn-437-1 http://www.vupen.com/english/advisories/2007/0976 http://www.vupen.com/english/advisories/2007/1032 http://www.vupen.com/english/advisories/2007/1339 Common Vulnerability Exposure (CVE) ID: CVE-2007-0238 BugTraq ID: 23067 http://www.securityfocus.com/bid/23067 Bugtraq: 20070404 High Risk Vulnerability in OpenOffice (Google Search) http://www.securityfocus.com/archive/1/464724/100/0/threaded http://www.mandriva.com/security/advisories?name=MDKSA-2007:073 http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8968 http://www.redhat.com/support/errata/RHSA-2007-0033.html http://www.redhat.com/support/errata/RHSA-2007-0069.html http://www.securitytracker.com/id?1017799 http://secunia.com/advisories/24550 http://secunia.com/advisories/24646 http://secunia.com/advisories/24647 http://secunia.com/advisories/24676 http://secunia.com/advisories/24810 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102794-1 http://www.ubuntu.com/usn/usn-444-1 http://www.vupen.com/english/advisories/2007/1117 XForce ISS Database: openoffice-starcalc-bo(33112) https://exchange.xforce.ibmcloud.com/vulnerabilities/33112 Common Vulnerability Exposure (CVE) ID: CVE-2007-0239 BugTraq ID: 22812 http://www.securityfocus.com/bid/22812 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11422 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102807-1 XForce ISS Database: openoffice-shell-command-execution(33113) https://exchange.xforce.ibmcloud.com/vulnerabilities/33113
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.