Test Kennung:	1.3.6.1.4.1.25623.1.0.800167
Kategorie:	Buffer overflow
Titel:	OpenOffice Multiple Remote Code Execution Vulnerabilities - Feb10
Zusammenfassung:	This host has OpenOffice running which is prone to multiple; remote code execution vulnerabilities.
Beschreibung:	Summary: This host has OpenOffice running which is prone to multiple remote code execution vulnerabilities. Vulnerability Insight: - GIF Files in GIFLZWDecompressor:: GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx leading to heap overflow. - XPM files in XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx leading to an integer overflow. - Microsoft Word document in filter/ww8/ww8par2.cxx leading to application crash or execute arbitrary code via crafted sprmTSetBrc table property in a Word document. Vulnerability Impact: Successful exploitation lets the attackers to cause a denial of service or execute arbitrary code. Affected Software/OS: OpenOffice.org versions prior to 3.2 Solution: Upgrade to OpenOffice.org version 3.2 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 38218 Common Vulnerability Exposure (CVE) ID: CVE-2009-2949 http://www.securityfocus.com/bid/38218 Cert/CC Advisory: TA10-287A http://www.us-cert.gov/cas/techalerts/TA10-287A.html Debian Security Information: DSA-1995 (Google Search) http://www.debian.org/security/2010/dsa-1995 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:221 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10176 http://www.redhat.com/support/errata/RHSA-2010-0101.html http://securitytracker.com/id?1023591 http://secunia.com/advisories/38567 http://secunia.com/advisories/38568 http://secunia.com/advisories/38695 http://secunia.com/advisories/38921 http://secunia.com/advisories/41818 http://secunia.com/advisories/60799 SuSE Security Announcement: SUSE-SA:2010:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html http://www.ubuntu.com/usn/USN-903-1 http://www.vupen.com/english/advisories/2010/0366 http://www.vupen.com/english/advisories/2010/0635 http://www.vupen.com/english/advisories/2010/2905 XForce ISS Database: openoffice-xpm-bo(56236) https://exchange.xforce.ibmcloud.com/vulnerabilities/56236 Common Vulnerability Exposure (CVE) ID: CVE-2009-2950 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11050 XForce ISS Database: openoffice-gif-bo(56238) https://exchange.xforce.ibmcloud.com/vulnerabilities/56238 Common Vulnerability Exposure (CVE) ID: CVE-2009-3301 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10423 XForce ISS Database: openoffice-word-sprmtdeftable-bo(56240) https://exchange.xforce.ibmcloud.com/vulnerabilities/56240 Common Vulnerability Exposure (CVE) ID: CVE-2009-3302 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10022 XForce ISS Database: openoffice-word-sprmtsetbrc-bo(56241) https://exchange.xforce.ibmcloud.com/vulnerabilities/56241
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.