ID CVE-2006-2198
Summary OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
References
Vulnerable Configurations
  • cpe:2.3:a:openoffice:openoffice:1.1.0
    cpe:2.3:a:openoffice:openoffice:1.1.0
  • cpe:2.3:a:openoffice:openoffice:1.1.1
    cpe:2.3:a:openoffice:openoffice:1.1.1
  • cpe:2.3:a:openoffice:openoffice:1.1.1a
    cpe:2.3:a:openoffice:openoffice:1.1.1a
  • cpe:2.3:a:openoffice:openoffice:1.1.1b
    cpe:2.3:a:openoffice:openoffice:1.1.1b
  • cpe:2.3:a:openoffice:openoffice:1.1.2
    cpe:2.3:a:openoffice:openoffice:1.1.2
  • cpe:2.3:a:openoffice:openoffice:1.1.3
    cpe:2.3:a:openoffice:openoffice:1.1.3
  • cpe:2.3:a:openoffice:openoffice:1.1.4
    cpe:2.3:a:openoffice:openoffice:1.1.4
  • cpe:2.3:a:openoffice:openoffice:1.1.5
    cpe:2.3:a:openoffice:openoffice:1.1.5
  • cpe:2.3:a:openoffice:openoffice:2.0.0
    cpe:2.3:a:openoffice:openoffice:2.0.0
  • cpe:2.3:a:openoffice:openoffice:2.0.0_rc1
    cpe:2.3:a:openoffice:openoffice:2.0.0_rc1
  • cpe:2.3:a:openoffice:openoffice:2.0.0_rc2
    cpe:2.3:a:openoffice:openoffice:2.0.0_rc2
  • cpe:2.3:a:openoffice:openoffice:2.0.0_rc3
    cpe:2.3:a:openoffice:openoffice:2.0.0_rc3
  • cpe:2.3:a:openoffice:openoffice:2.0.1
    cpe:2.3:a:openoffice:openoffice:2.0.1
  • cpe:2.3:a:openoffice:openoffice:2.0.2
    cpe:2.3:a:openoffice:openoffice:2.0.2
  • cpe:2.3:a:openoffice:openoffice:2.0.2_rc1
    cpe:2.3:a:openoffice:openoffice:2.0.2_rc1
  • cpe:2.3:a:openoffice:openoffice:2.0.2_rc2
    cpe:2.3:a:openoffice:openoffice:2.0.2_rc2
  • cpe:2.3:a:openoffice:openoffice:2.0.2_rc3
    cpe:2.3:a:openoffice:openoffice:2.0.2_rc3
  • cpe:2.3:a:openoffice:openoffice:2.0.2_rc4
    cpe:2.3:a:openoffice:openoffice:2.0.2_rc4
  • cpe:2.3:a:openoffice:openoffice:2.0.3_rc3
    cpe:2.3:a:openoffice:openoffice:2.0.3_rc3
  • cpe:2.3:a:openoffice:openoffice:2.0.3_rc4
    cpe:2.3:a:openoffice:openoffice:2.0.3_rc4
  • cpe:2.3:a:openoffice:openoffice:2.0.3_rc5
    cpe:2.3:a:openoffice:openoffice:2.0.3_rc5
  • cpe:2.3:a:openoffice:openoffice:2.0.3_rc6
    cpe:2.3:a:openoffice:openoffice:2.0.3_rc6
  • Sun StarOffice 7.0
    cpe:2.3:a:sun:staroffice:7.0
  • Sun StarOffice 8.0
    cpe:2.3:a:sun:staroffice:8.0
CVSS
Base: 7.6 (as of 03-07-2006 - 09:47)
Impact:
Exploitability:
CWE CWE-264
CAPEC
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Blue Boxing
    This type of attack against older telephone switches and trunks has been around for decades. A tone is sent by an adversary to impersonate a supervisor signal which has the effect of rerouting or usurping command of the line. While the US infrastructure proper may not contain widespread vulnerabilities to this type of attack, many companies are connected globally through call centers and business process outsourcing. These international systems may be operated in countries which have not upgraded Telco infrastructure and so are vulnerable to Blue boxing. Blue boxing is a result of failure on the part of the system to enforce strong authorization for administrative functions. While the infrastructure is different than standard current applications like web applications, there are historical lessons to be learned to upgrade the access control for administrative functions.
  • Restful Privilege Elevation
    Rest uses standard HTTP (Get, Put, Delete) style permissions methods, but these are not necessarily correlated generally with back end programs. Strict interpretation of HTTP get methods means that these HTTP Get services should not be used to delete information on the server, but there is no access control mechanism to back up this logic. This means that unless the services are properly ACL'd and the application's service implementation are following these guidelines then an HTTP request can easily execute a delete or update on the server side. The attacker identifies a HTTP Get URL such as http://victimsite/updateOrder, which calls out to a program to update orders on a database or other resource. The URL is not idempotent so the request can be submitted multiple times by the attacker, additionally, the attacker may be able to exploit the URL published as a Get method that actually performs updates (instead of merely retrieving data). This may result in malicious or inadvertent altering of data on the server.
  • Target Programs with Elevated Privileges
    This attack targets programs running with elevated privileges. The attacker would try to leverage a bug in the running program and get arbitrary code to execute with elevated privileges. For instance an attacker would look for programs that write to the system directories or registry keys (such as HKLM, which stores a number of critical Windows environment variables). These programs are typically running with elevated privileges and have usually not been designed with security in mind. Such programs are excellent exploit targets because they yield lots of power when they break. The malicious user try to execute its code at the same level as a privileged system call.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-005.NASL
    description Rectifies an error patch condition where by corrupt wmf/emf files with out of bounds values in the emf/wmf file could enable an attacker by constructing a malicious file to execute arbitrary code if opened in OpenOffice by a victim. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 24184
    published 2007-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24184
    title Fedora Core 5 : openoffice.org-2.0.2-5.20.2 / Fedora Core 6 : openoffice.org-2.0.4-5.5.10 (2007-005)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120190.NASL
    description StarSuite 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/11/09
    last seen 2018-09-01
    modified 2018-08-22
    plugin id 22994
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22994
    title Solaris 5.10 (x86) : 120190-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120185-23.NASL
    description StarOffice 8 (Solaris): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107355
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107355
    title Solaris 10 (sparc) : 120185-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_120189.NASL
    description StarSuite 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23558
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23558
    title Solaris 5.9 (sparc) : 120189-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_120186.NASL
    description StarOffice 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/10/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23467
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23467
    title Solaris 5.8 (x86) : 120186-19
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-118.NASL
    description OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. (CVE-2006-2198) An unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. (CVE-2006-2199) Heap-based buffer overflow in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka 'File Format / Buffer Overflow Vulnerability.' (CVE-2006-3117) Updated packages are patched to address this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 22014
    published 2006-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22014
    title Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2006:118)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1104.NASL
    description Loading malformed XML documents can cause buffer overflows in OpenOffice.org, a free office suite, and cause a denial of service or execute arbitrary code. It turned out that the correction in DSA 1104-1 was not sufficient, hence, another update. For completeness please find the original advisory text below : Several vulnerabilities have been discovered in OpenOffice.org, a free office suite. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-2198 It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction. - CVE-2006-2199 It is possible to evade the Java sandbox with specially crafted Java applets. - CVE-2006-3117 Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code. This update has the Mozilla component disabled, so that the Mozilla/LDAP addressbook feature won't work anymore. It didn't work on anything else than i386 on sarge either.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22646
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22646
    title Debian DSA-1104-2 : openoffice.org - several vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0573.NASL
    description Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A Sun security specialist reported an issue with the application framework. An attacker could put macros into document locations that could cause OpenOffice.org to execute them when the file was opened by a victim. (CVE-2006-2198) A bug was found in the OpenOffice.org Java virtual machine implementation. An attacker could write a carefully crafted Java applet that can break through the 'sandbox' and have full access to system resources with the current user privileges. (CVE-2006-2199) A buffer overflow bug was found in the OpenOffice.org file processor. An attacker could create a carefully crafted XML file that could cause OpenOffice.org to write data to an arbitrary location in memory when the file was opened by a victim. (CVE-2006-3117) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes for these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21906
    published 2006-07-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21906
    title CentOS 3 / 4 : openoffice.org (CESA-2006:0573)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0573.NASL
    description Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A Sun security specialist reported an issue with the application framework. An attacker could put macros into document locations that could cause OpenOffice.org to execute them when the file was opened by a victim. (CVE-2006-2198) A bug was found in the OpenOffice.org Java virtual machine implementation. An attacker could write a carefully crafted Java applet that can break through the 'sandbox' and have full access to system resources with the current user privileges. (CVE-2006-2199) A buffer overflow bug was found in the OpenOffice.org file processor. An attacker could create a carefully crafted XML file that could cause OpenOffice.org to write data to an arbitrary location in memory when the file was opened by a victim. (CVE-2006-3117) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes for these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 21916
    published 2006-07-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21916
    title RHEL 3 / 4 : openoffice.org (RHSA-2006:0573)
  • NASL family Windows
    NASL id OPENOFFICE_ORG_203.NASL
    description The remote host is running a version of OpenOffice.org which is older than version 2.0.3. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have him open it. The file could be crafted in such a way that it could exploit a buffer overflow in OpenOffice.org's XML parser, or by containing rogue macros.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 21784
    published 2006-06-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21784
    title OpenOffice < 2.0.3 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-313-1.NASL
    description It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about executing them. By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code (including local file access and modification) with the user's privileges. (CVE-2006-2198) A flaw was discovered in the Java sandbox which allowed Java applets to break out of the sandbox and execute code without restrictions. By tricking a user into opening a malicious document, this could be exploited to run arbitrary code with the user's privileges. This update disables Java applets for OpenOffice.org, since it is not generally possible to guarantee the sandbox restrictions. (CVE-2006-2199) A buffer overflow has been found in the XML parser. By tricking a user into opening a specially crafted XML file with OpenOffice.org, this could be exploited to execute arbitrary code with the user's privileges. (CVE-2006-3117). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27888
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27888
    title Ubuntu 5.04 / 6.06 LTS : openoffice.org-amd64, openoffice.org vulnerabilities (USN-313-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-313-2.NASL
    description USN-313-1 fixed several vulnerabilities in OpenOffice for Ubuntu 5.04 and Ubuntu 6.06 LTS. This followup advisory provides the corresponding update for Ubuntu 5.10. For reference, these are the details of the original USN : It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about executing them. By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code (including local file access and modification) with the user's privileges. (CVE-2006-2198) A flaw was discovered in the Java sandbox which allowed Java applets to break out of the sandbox and execute code without restrictions. By tricking a user into opening a malicious document, this could be exploited to run arbitrary code with the user's privileges. This update disables Java applets for OpenOffice.org, since it is not generally possible to guarantee the sandbox restrictions. (CVE-2006-2199) A buffer overflow has been found in the XML parser. By tricking a user into opening a specially crafted XML file with OpenOffice.org, this could be exploited to execute arbitrary code with the user's privileges. (CVE-2006-3117). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-27
    plugin id 27889
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27889
    title Ubuntu 5.10 : openoffice.org2-amd64, openoffice.org2 vulnerabilities (USN-313-2)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120189.NASL
    description StarSuite 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2018-09-02
    modified 2018-08-22
    plugin id 22961
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22961
    title Solaris 5.10 (sparc) : 120189-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_120185.NASL
    description StarOffice 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23419
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23419
    title Solaris 5.8 (sparc) : 120185-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120186-23.NASL
    description StarOffice 8 (Solaris_x86): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107857
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107857
    title Solaris 10 (x86) : 120186-23
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENOFFICE_ORG-1698.NASL
    description Following security problems were found in OpenOffice_org : - CVE-2006-2198: A security vulnerability in OpenOffice.org may make it possible to inject basic code into documents which is executed upon loading of the document. The user will not be asked or notified and the macro will have full access to system resources with current user's privileges. As a result, the macro may delete/replace system files, read/send private data and/or cause additional security issues. Note that this attack works even with Macro execution disabled. This attack allows remote attackers to modify files / execute code as the user opening the document. - CVE-2006-2199: A security vulnerability related to OpenOffice.org documents may allow certain Java applets to break through the 'sandbox' and therefore have full access to system resources with current user privileges. The offending Applets may be constructed to destroy/replace system files, read or send private data, and/or cause additional security issues. Since Java applet support is only there for historical reasons, as StarOffice was providing browser support, the support has nown been disabled by default. - CVE-2006-3117: A buffer overflow in the XML utf8 converter allows for a value to be written to an arbitrary location in memory. This may lead to command execution in the context of the current user.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27134
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27134
    title openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-1698)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200607-12.NASL
    description The remote host is affected by the vulnerability described in GLSA-200607-12 (OpenOffice.org: Multiple vulnerabilities) Internal security audits by OpenOffice.org have discovered three security vulnerabilities related to Java applets, macros and the XML file format parser. Specially crafted Java applets can break through the 'sandbox'. Specially crafted macros make it possible to inject BASIC code into documents which is executed when the document is loaded. Loading a malformed XML file can cause a buffer overflow. Impact : An attacker might exploit these vulnerabilities to escape the Java sandbox, execute arbitrary code or BASIC code with the permissions of the user running OpenOffice.org. Workaround : Disabling Java applets will protect against the vulnerability in the handling of Java applets. There are no workarounds for the macro and file format vulnerabilities.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22120
    published 2006-07-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22120
    title GLSA-200607-12 : OpenOffice.org: Multiple vulnerabilities
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120190-23.NASL
    description StarSuite 8 (Solaris_x86): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107858
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107858
    title Solaris 10 (x86) : 120190-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120186.NASL
    description StarOffice 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/10/09
    last seen 2018-09-01
    modified 2018-08-22
    plugin id 22993
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22993
    title Solaris 5.10 (x86) : 120186-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120189-23.NASL
    description StarSuite 8 (Solaris): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107356
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107356
    title Solaris 10 (sparc) : 120189-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_120190.NASL
    description StarSuite 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/11/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23617
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23617
    title Solaris 5.9 (x86) : 120190-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120185.NASL
    description StarOffice 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2018-09-02
    modified 2018-08-22
    plugin id 22960
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22960
    title Solaris 5.10 (sparc) : 120185-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_120190.NASL
    description StarSuite 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/11/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23468
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23468
    title Solaris 5.8 (x86) : 120190-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_120189.NASL
    description StarSuite 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23420
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23420
    title Solaris 5.8 (sparc) : 120189-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_120185.NASL
    description StarOffice 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23557
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23557
    title Solaris 5.9 (sparc) : 120185-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_120186.NASL
    description StarOffice 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/10/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23616
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23616
    title Solaris 5.9 (x86) : 120186-19
oval via4
accepted 2013-04-29T04:11:21.883-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
family unix
id oval:org.mitre.oval:def:11082
status accepted
submitted 2010-07-09T03:56:16-04:00
title OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
version 23
redhat via4
advisories
rhsa
id RHSA-2006:0573
refmap via4
bid 18738
bugtraq 20060926 rPSA-2006-0173-1 openoffice.org
cert-vn VU#170113
confirm
debian DSA-1104
fedora FEDORA-2007-005
gentoo GLSA-200607-12
mandriva MDKSA-2006:118
sectrack 1016414
secunia
  • 20867
  • 20893
  • 20910
  • 20911
  • 20913
  • 20975
  • 20995
  • 21278
  • 22129
  • 23620
sunalert 102490
suse SUSE-SA:2006:040
ubuntu
  • USN-313-1
  • USN-313-2
vupen
  • ADV-2006-2607
  • ADV-2006-2621
xf openoffice-macro-code-execution(27564)
Last major update 26-08-2011 - 00:00
Published 30-06-2006 - 14:05
Last modified 18-10-2018 - 12:38
Back to Top