Test Kennung:	1.3.6.1.4.1.25623.1.0.803083
Kategorie:	Buffer overflow
Titel:	OpenOffice Multiple Buffer Overflow Vulnerabilities - Dec12 (Windows)
Zusammenfassung:	This host is installed with OpenOffice and is prone to; multiple vulnerabilities.
Beschreibung:	Summary: This host is installed with OpenOffice and is prone to multiple vulnerabilities. Vulnerability Insight: - An integer overflow error in the vclmi.dll module when allocating memory for an embedded image object. - Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality allows attacker to crash the application via crafted Open Document Tex (.odt) file. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service condition or execute arbitrary code. Affected Software/OS: OpenOffice version before 3.4.1 on windows Solution: Upgrade to OpenOffice version 3.4.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 53570 BugTraq ID: 54769 Common Vulnerability Exposure (CVE) ID: CVE-2012-1149 http://www.securityfocus.com/bid/53570 Bugtraq: 20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html Debian Security Information: DSA-2473 (Google Search) http://www.debian.org/security/2012/dsa-2473 Debian Security Information: DSA-2487 (Google Search) http://www.debian.org/security/2012/dsa-2487 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html http://security.gentoo.org/glsa/glsa-201209-05.xml http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 http://www.osvdb.org/81988 RedHat Security Advisories: RHSA-2012:0705 http://rhn.redhat.com/errata/RHSA-2012-0705.html http://securitytracker.com/id?1027068 http://secunia.com/advisories/46992 http://secunia.com/advisories/47244 http://secunia.com/advisories/49140 http://secunia.com/advisories/49373 http://secunia.com/advisories/49392 http://secunia.com/advisories/50692 http://secunia.com/advisories/60799 XForce ISS Database: openoffice-vclmi-bo(75692) https://exchange.xforce.ibmcloud.com/vulnerabilities/75692 Common Vulnerability Exposure (CVE) ID: CVE-2012-2665 http://www.securityfocus.com/bid/54769 Debian Security Information: DSA-2520 (Google Search) http://www.debian.org/security/2012/dsa-2520 http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt https://bugzilla.redhat.com/show_bug.cgi?id=826077 RedHat Security Advisories: RHSA-2012:1135 http://rhn.redhat.com/errata/RHSA-2012-1135.html http://www.securitytracker.com/id?1027331 http://www.securitytracker.com/id?1027332 http://secunia.com/advisories/50142 http://secunia.com/advisories/50146 http://www.ubuntu.com/usn/USN-1536-1 http://www.ubuntu.com/usn/USN-1537-1
Copyright	Copyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.