Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] rPSA-2007-0070-1 openoffice.org
- From: announce-noreply at rpath.com (rPath Update Announcements)
- Subject: [Full-disclosure] rPSA-2007-0070-1 openoffice.org
- Date: Mon, 09 Apr 2007 14:14:48 -0400
rPath Security Advisory: 2007-0070-1
Published: 2007-04-09
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
openoffice.org=/conary.rpath.com at rpl:devel//1/2.2-0.1-1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239
https://issues.rpath.com/browse/RPL-1118
Description:
Previous versions of the openoffice.org package are vulnerable to
two indirect code execution attacks, one when reading maliciously
malformed StarCalc documents, and one when parsing maliciously
crafted URIs. (Another vulnerability in libwpd was addressed
separately, as libwpd is packaged separately in rPath Linux.)
- Prev by Date: [Full-disclosure] Security Researcher Not Particularly Humiliated
- Next by Date: [Full-disclosure] DNS mining ?
- Previous by thread: [Full-disclosure] Fwd: threat to corporate security
- Next by thread: [Full-disclosure] iDefense Security Advisory 04.09.07: AOL AIM and ICQ File Transfer Path-Traversal Vulnerability
- Index(es):