ID CVE-2007-4575
Summary HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
References
Vulnerable Configurations
  • cpe:2.3:a:openoffice:openoffice:2.0.1
    cpe:2.3:a:openoffice:openoffice:2.0.1
  • cpe:2.3:a:openoffice:openoffice:2.0.2
    cpe:2.3:a:openoffice:openoffice:2.0.2
  • cpe:2.3:a:openoffice:openoffice:2.0.3
    cpe:2.3:a:openoffice:openoffice:2.0.3
  • cpe:2.3:a:openoffice:openoffice:2.0.3_1
    cpe:2.3:a:openoffice:openoffice:2.0.3_1
  • cpe:2.3:a:openoffice:openoffice:2.0.4
    cpe:2.3:a:openoffice:openoffice:2.0.4
  • cpe:2.3:a:openoffice:openoffice:2.0beta
    cpe:2.3:a:openoffice:openoffice:2.0beta
  • cpe:2.3:a:openoffice:openoffice:2.1
    cpe:2.3:a:openoffice:openoffice:2.1
  • cpe:2.3:a:openoffice:openoffice:2.2
    cpe:2.3:a:openoffice:openoffice:2.2
  • cpe:2.3:a:openoffice:openoffice:2.2.1
    cpe:2.3:a:openoffice:openoffice:2.2.1
  • cpe:2.3:a:openoffice:openoffice:2.3
    cpe:2.3:a:openoffice:openoffice:2.3
CVSS
Base: 9.3 (as of 06-12-2007 - 10:29)
Impact:
Exploitability:
CWE CWE-94
CAPEC
  • Leverage Executable Code in Non-Executable Files
    An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
  • Manipulating User-Controlled Variables
    This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-1048.NASL
    description Updated openoffice.org and hsqldb packages that fix security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite. HSQLDB is a Java relational database engine used by OpenOffice.org Base. It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. (CVE-2007-4575) It was discovered that HSQLDB did not have a password set on the 'sa' user. If HSQLDB has been configured as a service, a remote attacker who could connect to the HSQLDB port (tcp 9001) could execute arbitrary SQL commands. (CVE-2003-0845) Note that in Red Hat Enterprise Linux 5, HSQLDB is not enabled as a service by default, and needs manual configuration in order to work as a service. Users of OpenOffice.org or HSQLDB should update to these errata packages which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 43661
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43661
    title CentOS 5 : openoffice.org / hsqldb (CESA-2007:1048)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120190.NASL
    description StarSuite 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/11/09
    last seen 2018-09-01
    modified 2018-08-22
    plugin id 22994
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22994
    title Solaris 5.10 (x86) : 120190-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120185-23.NASL
    description StarOffice 8 (Solaris): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107355
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107355
    title Solaris 10 (sparc) : 120185-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_120189.NASL
    description StarSuite 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23558
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23558
    title Solaris 5.9 (sparc) : 120189-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_120186.NASL
    description StarOffice 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/10/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23467
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23467
    title Solaris 5.8 (x86) : 120186-19
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071205_OPENOFFICE_ORG__HSQLDB_ON_SL5_X.NASL
    description It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. (CVE-2007-4575) It was discovered that HSQLDB did not have a password set on the 'sa' user. If HSQLDB has been configured as a service, a remote attacker who could connect to the HSQLDB port (tcp 9001) could execute arbitrary SQL commands. (CVE-2003-0845) Note that in Scientific Linux 5, HSQLDB is not enabled as a service by default, and needs manual configuration in order to work as a service.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60324
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60324
    title Scientific Linux Security Update : openoffice.org, hsqldb on SL5.x i386/x86_64
  • NASL family Windows
    NASL id OPENOFFICE_231.NASL
    description The remote host is running a version of Sun Microsystems OpenOffice.org that contains an arbitrary code execution vulnerability in its HSQLDB database engine. If a remote attacker can trick a user into opening a specially crafted database, this issue can be leveraged to execute arbitrary static Java code on the remote host subject to the user's privileges.
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 29218
    published 2007-12-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29218
    title Sun OpenOffice.org < 2.3.1 Database HSQLDB Database Document Handling Arbitrary Java Code Execution
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-095.NASL
    description A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents (CVE-2007-4575). A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened (CVE-2007-5746). Multiple heap overflows and an integer underflow were discovered in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org ro crash or potentially execute arbitrary code (CVE-2007-5745, CVE-2007-5747). A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code (CVE-2008-0320). The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37969
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37969
    title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENOFFICE_ORG-4769.NASL
    description This update of OpenOffice_org adds restrictions to SQL statements of Java-based databases to avoid the execution of native Jave code by creating procedures. (CVE-2007-4575)
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 29240
    published 2007-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29240
    title openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-4769)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1048.NASL
    description Updated openoffice.org and hsqldb packages that fix security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite. HSQLDB is a Java relational database engine used by OpenOffice.org Base. It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. (CVE-2007-4575) It was discovered that HSQLDB did not have a password set on the 'sa' user. If HSQLDB has been configured as a service, a remote attacker who could connect to the HSQLDB port (tcp 9001) could execute arbitrary SQL commands. (CVE-2003-0845) Note that in Red Hat Enterprise Linux 5, HSQLDB is not enabled as a service by default, and needs manual configuration in order to work as a service. Users of OpenOffice.org or HSQLDB should update to these errata packages which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 63845
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63845
    title RHEL 5 : openoffice.org, hsqldb (RHSA-2007:1048)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120189.NASL
    description StarSuite 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2018-09-02
    modified 2018-08-22
    plugin id 22961
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22961
    title Solaris 5.10 (sparc) : 120189-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_120185.NASL
    description StarOffice 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23419
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23419
    title Solaris 5.8 (sparc) : 120185-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120186-23.NASL
    description StarOffice 8 (Solaris_x86): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107857
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107857
    title Solaris 10 (x86) : 120186-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120190-23.NASL
    description StarSuite 8 (Solaris_x86): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107858
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107858
    title Solaris 10 (x86) : 120190-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_120186.NASL
    description StarOffice 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/10/09
    last seen 2018-09-01
    modified 2018-08-22
    plugin id 22993
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22993
    title Solaris 5.10 (x86) : 120186-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120189-23.NASL
    description StarSuite 8 (Solaris): Update 18. Date this patch was last updated by Sun : Mar/15/11
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107356
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107356
    title Solaris 10 (sparc) : 120189-23
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_120190.NASL
    description StarSuite 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/11/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23617
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23617
    title Solaris 5.9 (x86) : 120190-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_120185.NASL
    description StarOffice 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2018-09-02
    modified 2018-08-22
    plugin id 22960
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22960
    title Solaris 5.10 (sparc) : 120185-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_120190.NASL
    description StarSuite 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/11/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23468
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23468
    title Solaris 5.8 (x86) : 120190-19
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-609-1.NASL
    description It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. (CVE-2007-4575) Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. (CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 32189
    published 2008-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32189
    title Ubuntu 6.06 LTS / 7.04 / 7.10 : hsqldb, openoffice.org/-amd64 vulnerabilities (USN-609-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_120189.NASL
    description StarSuite 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23420
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23420
    title Solaris 5.8 (sparc) : 120189-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_120185.NASL
    description StarOffice 8 (Solaris): Update 14. Date this patch was last updated by Sun : Sep/09/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23557
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23557
    title Solaris 5.9 (sparc) : 120185-19
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_120186.NASL
    description StarOffice 8 (Solaris_x86): Update 14. Date this patch was last updated by Sun : Sep/10/09
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 23616
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23616
    title Solaris 5.9 (x86) : 120186-19
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENOFFICE_ORG-4770.NASL
    description This update of OpenOffice_org adds restrictions to SQL statements of Java-based databases to avoid the execution of native Jave code by creating procedures. (CVE-2007-4575)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29368
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29368
    title SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 4770)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200712-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-200712-25 (OpenOffice.org: User-assisted arbitrary code execution) The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Impact : A remote attacker could entice a user to open a specially crafted document, possibly resulting in the remote execution of arbitrary Java code with the privileges of the user running OpenOffice.org. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 29822
    published 2007-12-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29822
    title GLSA-200712-25 : OpenOffice.org: User-assisted arbitrary code execution
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-762.NASL
    description CVE-2007-4575 restrict java instantiation features of hsqldb Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 29286
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29286
    title Fedora Core 6 : openoffice.org-2.0.4-5.5.25 (2007-762)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4120.NASL
    description CVE-2007-4575 restrict java instantiation features of hsqldb Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-20
    plugin id 29268
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29268
    title Fedora 7 : openoffice.org-2.3.0-6.5.fc7 (2007-4120)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0213.NASL
    description New JBoss Enterprise Application Platform (JBEAP) packages, comprising the 4.2.0.CP02 release, are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBEAP is a middleware platform for Java 2 Platform, Enterprise Edition (J2EE) applications. This release of JBEAP for Red Hat Enterprise Linux 5 contains the JBoss Application Server and JBoss Seam and serves as a replacement for JBEAP 4.2.0.GA_CP01. As well as fixing numerous bugs and adding enhancements, these updated packages addresses several security issues. The JFreeChart component was vulnerable to multiple cross-site scripting (XSS) vulnerabilities. An attacker could misuse the image map feature to inject arbitrary web script or HTML via several attributes of the chart area. (CVE-2007-6306) A vulnerability caused by exposing static java methods was located within the HSQLDB component. This could be utilized by an attacker to execute arbitrary static java methods. (CVE-2007-4575) The setOrder method in the org.jboss.seam.framework.Query class did not properly validate user-supplied parameters. This vulnerability allowed remote attackers to inject and execute arbitrary EJBQL commands via the order parameter. (CVE-2007-6433) For details regarding the bug fixes and enhancements included with this update, please see the JBoss Enterprise Application Platform 4.2.0.CP02 Release Notes, linked to in the References section below. All Red Hat Enterprise Linux 5 users wanting to use the JBoss Enterprise Application Platform are advised to install these new packages.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 63851
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63851
    title RHEL 5 : JBoss EAP (RHSA-2008:0213)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4171.NASL
    description Backporting a fix for CVE-2007-4576. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 30069
    published 2008-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30069
    title Fedora 8 : hsqldb-1.8.0.8-1jpp.5.fc8 (2007-4171)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4172.NASL
    description CVE-2007-4575 restrict java instantiation features of hsqldb Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-05-20
    plugin id 29274
    published 2007-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29274
    title Fedora 8 : openoffice.org-2.3.0-6.7.fc8 (2007-4172)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20071205_OPENOFFICE_ORG2_ON_SL4_5.NASL
    description It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. (CVE-2007-4575)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60323
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60323
    title Scientific Linux Security Update : openoffice.org2 on SL4.5 i386/x86_64
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1419.NASL
    description A vulnerability has been discovered in HSQLDB, the default database engine shipped with OpenOffice.org. This could result in the execution of arbitrary Java code embedded in a OpenOffice.org database document with the user's privilege. This update requires an update of both openoffice.org and hsqldb.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 29226
    published 2007-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29226
    title Debian DSA-1419-1 : openoffice.org - programming error
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4119.NASL
    description Backporting a fix for CVE-2007-4576. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 30068
    published 2008-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30068
    title Fedora 7 : hsqldb-1.8.0.8-1jpp.5.fc7 (2007-4119)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENOFFICE_ORG-4802.NASL
    description This update of OpenOffice_org adds restrictions to SQL statements of Java-based databases to avoid the execution of native Jave code by creating procedures. (CVE-2007-4575)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 29877
    published 2008-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29877
    title openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-4802)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-1090.NASL
    description Updated openoffice.org2 packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite. HSQLDB is the default database engine shipped with OpenOffice.org 2. It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. (CVE-2007-4575) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 29235
    published 2007-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29235
    title RHEL 4 : openoffice.org2 (RHSA-2007:1090)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0151.NASL
    description Updated JBoss Enterprise Application Platform (JBEAP) packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform (JBEAP) is a middleware platform for Java 2 Platform, Enterprise Edition (J2EE) applications. This release of JBEAP for Red Hat Enterprise Linux 4 contains the JBoss Application Server and JBoss Seam. This release serves as a replacement to JBEAP 4.2.0.GA. It fixes several security issues : The JFreeChart component was vulnerable to multiple cross-site scripting (XSS) vulnerabilities. An attacker could misuse the image map feature to inject arbitrary web script, or HTML, via several attributes of the chart area. (CVE-2007-6306) A vulnerability caused by exposing static Java methods was located within the HSQLDB component. This could be utilized by an attacker to execute arbitrary static Java methods. (CVE-2007-4575) The setOrder method in the org.jboss.seam.framework.Query class did not correctly validate user-supplied parameters. This vulnerability allowed remote attackers to inject, and execute, arbitrary Enterprise JavaBeans Query Language (EJB QL) commands via the order parameter. (CVE-2007-6433) These updated packages include bug fixes and enhancements which are not listed here. For a full list, please refer to the JBEAP 4.2.0CP02 release notes: http://redhat.com/docs/manuals/jboss/jboss-eap-4.2.0.cp02/readme.html Warning: before applying this update, please backup the JBEAP 'server/[configuration]/deploy/' directory, and any other customized configuration files. All users of JBEAP on Red Hat Enterprise Linux 4 are advised to upgrade to these updated packages, which resolve these issues.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 63848
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63848
    title RHEL 4 : JBoss EAP (RHSA-2008:0151)
oval via4
accepted 2013-04-29T04:02:19.201-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
family unix
id oval:org.mitre.oval:def:10153
status accepted
submitted 2010-07-09T03:56:16-04:00
title HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
version 25
redhat via4
advisories
  • bugzilla
    id 409891
    title CVE-2003-0845 JBoss HSQLDB component remote command injection
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment hsqldb is earlier than 1:1.8.0.4-3jpp.6
          oval oval:com.redhat.rhsa:tst:20071048002
        • comment hsqldb is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071048003
      • AND
        • comment hsqldb-demo is earlier than 1:1.8.0.4-3jpp.6
          oval oval:com.redhat.rhsa:tst:20071048008
        • comment hsqldb-demo is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071048009
      • AND
        • comment hsqldb-javadoc is earlier than 1:1.8.0.4-3jpp.6
          oval oval:com.redhat.rhsa:tst:20071048006
        • comment hsqldb-javadoc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071048007
      • AND
        • comment hsqldb-manual is earlier than 1:1.8.0.4-3jpp.6
          oval oval:com.redhat.rhsa:tst:20071048004
        • comment hsqldb-manual is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20071048005
      • AND
        • comment openoffice.org-base is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048126
        • comment openoffice.org-base is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069029
      • AND
        • comment openoffice.org-calc is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048026
        • comment openoffice.org-calc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069039
      • AND
        • comment openoffice.org-core is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048012
        • comment openoffice.org-core is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069143
      • AND
        • comment openoffice.org-draw is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048108
        • comment openoffice.org-draw is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069047
      • AND
        • comment openoffice.org-emailmerge is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048068
        • comment openoffice.org-emailmerge is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069037
      • AND
        • comment openoffice.org-graphicfilter is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048138
        • comment openoffice.org-graphicfilter is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069061
      • AND
        • comment openoffice.org-impress is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048106
        • comment openoffice.org-impress is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069121
      • AND
        • comment openoffice.org-javafilter is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048090
        • comment openoffice.org-javafilter is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069087
      • AND
        • comment openoffice.org-langpack-af_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048024
        • comment openoffice.org-langpack-af_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069091
      • AND
        • comment openoffice.org-langpack-ar is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048082
        • comment openoffice.org-langpack-ar is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069051
      • AND
        • comment openoffice.org-langpack-as_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048134
        • comment openoffice.org-langpack-as_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069147
      • AND
        • comment openoffice.org-langpack-bg_BG is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048112
        • comment openoffice.org-langpack-bg_BG is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069093
      • AND
        • comment openoffice.org-langpack-bn is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048120
        • comment openoffice.org-langpack-bn is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069115
      • AND
        • comment openoffice.org-langpack-ca_ES is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048086
        • comment openoffice.org-langpack-ca_ES is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069117
      • AND
        • comment openoffice.org-langpack-cs_CZ is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048074
        • comment openoffice.org-langpack-cs_CZ is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069021
      • AND
        • comment openoffice.org-langpack-cy_GB is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048092
        • comment openoffice.org-langpack-cy_GB is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069023
      • AND
        • comment openoffice.org-langpack-da_DK is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048010
        • comment openoffice.org-langpack-da_DK is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069089
      • AND
        • comment openoffice.org-langpack-de is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048062
        • comment openoffice.org-langpack-de is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069119
      • AND
        • comment openoffice.org-langpack-el_GR is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048022
        • comment openoffice.org-langpack-el_GR is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069095
      • AND
        • comment openoffice.org-langpack-es is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048130
        • comment openoffice.org-langpack-es is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069139
      • AND
        • comment openoffice.org-langpack-et_EE is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048154
        • comment openoffice.org-langpack-et_EE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069003
      • AND
        • comment openoffice.org-langpack-eu_ES is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048132
        • comment openoffice.org-langpack-eu_ES is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069025
      • AND
        • comment openoffice.org-langpack-fi_FI is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048148
        • comment openoffice.org-langpack-fi_FI is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069043
      • AND
        • comment openoffice.org-langpack-fr is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048110
        • comment openoffice.org-langpack-fr is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069109
      • AND
        • comment openoffice.org-langpack-ga_IE is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048080
        • comment openoffice.org-langpack-ga_IE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069131
      • AND
        • comment openoffice.org-langpack-gl_ES is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048018
        • comment openoffice.org-langpack-gl_ES is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069073
      • AND
        • comment openoffice.org-langpack-gu_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048088
        • comment openoffice.org-langpack-gu_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069033
      • AND
        • comment openoffice.org-langpack-he_IL is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048034
        • comment openoffice.org-langpack-he_IL is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069005
      • AND
        • comment openoffice.org-langpack-hi_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048044
        • comment openoffice.org-langpack-hi_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069083
      • AND
        • comment openoffice.org-langpack-hr_HR is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048128
        • comment openoffice.org-langpack-hr_HR is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069041
      • AND
        • comment openoffice.org-langpack-hu_HU is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048036
        • comment openoffice.org-langpack-hu_HU is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069045
      • AND
        • comment openoffice.org-langpack-it is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048124
        • comment openoffice.org-langpack-it is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069009
      • AND
        • comment openoffice.org-langpack-ja_JP is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048150
        • comment openoffice.org-langpack-ja_JP is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069113
      • AND
        • comment openoffice.org-langpack-kn_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048060
        • comment openoffice.org-langpack-kn_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069133
      • AND
        • comment openoffice.org-langpack-ko_KR is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048050
        • comment openoffice.org-langpack-ko_KR is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069065
      • AND
        • comment openoffice.org-langpack-lt_LT is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048078
        • comment openoffice.org-langpack-lt_LT is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069145
      • AND
        • comment openoffice.org-langpack-ml_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048042
        • comment openoffice.org-langpack-ml_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069035
      • AND
        • comment openoffice.org-langpack-mr_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048066
        • comment openoffice.org-langpack-mr_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069031
      • AND
        • comment openoffice.org-langpack-ms_MY is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048118
        • comment openoffice.org-langpack-ms_MY is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069099
      • AND
        • comment openoffice.org-langpack-nb_NO is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048058
        • comment openoffice.org-langpack-nb_NO is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069081
      • AND
        • comment openoffice.org-langpack-nl is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048028
        • comment openoffice.org-langpack-nl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069057
      • AND
        • comment openoffice.org-langpack-nn_NO is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048038
        • comment openoffice.org-langpack-nn_NO is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069111
      • AND
        • comment openoffice.org-langpack-nr_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048116
        • comment openoffice.org-langpack-nr_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069011
      • AND
        • comment openoffice.org-langpack-nso_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048046
        • comment openoffice.org-langpack-nso_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069077
      • AND
        • comment openoffice.org-langpack-or_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048084
        • comment openoffice.org-langpack-or_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069007
      • AND
        • comment openoffice.org-langpack-pa_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048146
        • comment openoffice.org-langpack-pa_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069013
      • AND
        • comment openoffice.org-langpack-pl_PL is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048048
        • comment openoffice.org-langpack-pl_PL is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069103
      • AND
        • comment openoffice.org-langpack-pt_BR is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048054
        • comment openoffice.org-langpack-pt_BR is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069069
      • AND
        • comment openoffice.org-langpack-pt_PT is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048016
        • comment openoffice.org-langpack-pt_PT is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069107
      • AND
        • comment openoffice.org-langpack-ru is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048142
        • comment openoffice.org-langpack-ru is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069105
      • AND
        • comment openoffice.org-langpack-sk_SK is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048122
        • comment openoffice.org-langpack-sk_SK is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069137
      • AND
        • comment openoffice.org-langpack-sl_SI is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048094
        • comment openoffice.org-langpack-sl_SI is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069019
      • AND
        • comment openoffice.org-langpack-sr_CS is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048136
        • comment openoffice.org-langpack-sr_CS is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069049
      • AND
        • comment openoffice.org-langpack-ss_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048070
        • comment openoffice.org-langpack-ss_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069015
      • AND
        • comment openoffice.org-langpack-st_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048032
        • comment openoffice.org-langpack-st_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069055
      • AND
        • comment openoffice.org-langpack-sv is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048098
        • comment openoffice.org-langpack-sv is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069067
      • AND
        • comment openoffice.org-langpack-ta_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048144
        • comment openoffice.org-langpack-ta_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069135
      • AND
        • comment openoffice.org-langpack-te_IN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048096
        • comment openoffice.org-langpack-te_IN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069141
      • AND
        • comment openoffice.org-langpack-th_TH is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048140
        • comment openoffice.org-langpack-th_TH is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069017
      • AND
        • comment openoffice.org-langpack-tn_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048114
        • comment openoffice.org-langpack-tn_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069059
      • AND
        • comment openoffice.org-langpack-tr_TR is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048102
        • comment openoffice.org-langpack-tr_TR is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069079
      • AND
        • comment openoffice.org-langpack-ts_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048020
        • comment openoffice.org-langpack-ts_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069125
      • AND
        • comment openoffice.org-langpack-ur is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048052
        • comment openoffice.org-langpack-ur is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069071
      • AND
        • comment openoffice.org-langpack-ve_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048076
        • comment openoffice.org-langpack-ve_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069053
      • AND
        • comment openoffice.org-langpack-xh_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048152
        • comment openoffice.org-langpack-xh_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069129
      • AND
        • comment openoffice.org-langpack-zh_CN is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048030
        • comment openoffice.org-langpack-zh_CN is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069127
      • AND
        • comment openoffice.org-langpack-zh_TW is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048014
        • comment openoffice.org-langpack-zh_TW is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069097
      • AND
        • comment openoffice.org-langpack-zu_ZA is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048056
        • comment openoffice.org-langpack-zu_ZA is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069101
      • AND
        • comment openoffice.org-math is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048100
        • comment openoffice.org-math is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069063
      • AND
        • comment openoffice.org-pyuno is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048072
        • comment openoffice.org-pyuno is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069085
      • AND
        • comment openoffice.org-testtools is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048040
        • comment openoffice.org-testtools is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069075
      • AND
        • comment openoffice.org-writer is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048104
        • comment openoffice.org-writer is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069027
      • AND
        • comment openoffice.org-xsltfilter is earlier than 1:2.0.4-5.4.25
          oval oval:com.redhat.rhsa:tst:20071048064
        • comment openoffice.org-xsltfilter is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070069123
    rhsa
    id RHSA-2007:1048
    released 2007-12-05
    severity Moderate
    title RHSA-2007:1048: openoffice.org, hsqldb security update (Moderate)
  • bugzilla
    id 299801
    title CVE-2007-4575 OpenOffice.org-base allows Denial-of-Service and command injection
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • OR
      • AND
        • comment openoffice.org2-base is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090058
        • comment openoffice.org2-base is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406097
      • AND
        • comment openoffice.org2-calc is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090076
        • comment openoffice.org2-calc is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406073
      • AND
        • comment openoffice.org2-core is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090018
        • comment openoffice.org2-core is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406095
      • AND
        • comment openoffice.org2-draw is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090098
        • comment openoffice.org2-draw is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406129
      • AND
        • comment openoffice.org2-emailmerge is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090010
        • comment openoffice.org2-emailmerge is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406105
      • AND
        • comment openoffice.org2-graphicfilter is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090070
        • comment openoffice.org2-graphicfilter is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406067
      • AND
        • comment openoffice.org2-impress is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090034
        • comment openoffice.org2-impress is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406069
      • AND
        • comment openoffice.org2-javafilter is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090092
        • comment openoffice.org2-javafilter is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406049
      • AND
        • comment openoffice.org2-langpack-af_ZA is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090022
        • comment openoffice.org2-langpack-af_ZA is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406103
      • AND
        • comment openoffice.org2-langpack-ar is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090074
        • comment openoffice.org2-langpack-ar is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406037
      • AND
        • comment openoffice.org2-langpack-bg_BG is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090090
        • comment openoffice.org2-langpack-bg_BG is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406099
      • AND
        • comment openoffice.org2-langpack-bn is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090078
        • comment openoffice.org2-langpack-bn is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406035
      • AND
        • comment openoffice.org2-langpack-ca_ES is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090068
        • comment openoffice.org2-langpack-ca_ES is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406047
      • AND
        • comment openoffice.org2-langpack-cs_CZ is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090108
        • comment openoffice.org2-langpack-cs_CZ is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406109
      • AND
        • comment openoffice.org2-langpack-cy_GB is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090036
        • comment openoffice.org2-langpack-cy_GB is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406027
      • AND
        • comment openoffice.org2-langpack-da_DK is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090094
        • comment openoffice.org2-langpack-da_DK is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406125
      • AND
        • comment openoffice.org2-langpack-de is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090084
        • comment openoffice.org2-langpack-de is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406119
      • AND
        • comment openoffice.org2-langpack-el_GR is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090114
        • comment openoffice.org2-langpack-el_GR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406127
      • AND
        • comment openoffice.org2-langpack-es is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090038
        • comment openoffice.org2-langpack-es is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406071
      • AND
        • comment openoffice.org2-langpack-et_EE is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090048
        • comment openoffice.org2-langpack-et_EE is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406061
      • AND
        • comment openoffice.org2-langpack-eu_ES is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090102
        • comment openoffice.org2-langpack-eu_ES is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406019
      • AND
        • comment openoffice.org2-langpack-fi_FI is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090104
        • comment openoffice.org2-langpack-fi_FI is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406117
      • AND
        • comment openoffice.org2-langpack-fr is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090020
        • comment openoffice.org2-langpack-fr is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406123
      • AND
        • comment openoffice.org2-langpack-ga_IE is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090008
        • comment openoffice.org2-langpack-ga_IE is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406053
      • AND
        • comment openoffice.org2-langpack-gl_ES is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090054
        • comment openoffice.org2-langpack-gl_ES is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406041
      • AND
        • comment openoffice.org2-langpack-gu_IN is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090052
        • comment openoffice.org2-langpack-gu_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406087
      • AND
        • comment openoffice.org2-langpack-he_IL is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090016
        • comment openoffice.org2-langpack-he_IL is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406083
      • AND
        • comment openoffice.org2-langpack-hi_IN is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090088
        • comment openoffice.org2-langpack-hi_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406017
      • AND
        • comment openoffice.org2-langpack-hr_HR is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090060
        • comment openoffice.org2-langpack-hr_HR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406121
      • AND
        • comment openoffice.org2-langpack-hu_HU is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090110
        • comment openoffice.org2-langpack-hu_HU is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406023
      • AND
        • comment openoffice.org2-langpack-it is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090028
        • comment openoffice.org2-langpack-it is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406043
      • AND
        • comment openoffice.org2-langpack-ja_JP is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090066
        • comment openoffice.org2-langpack-ja_JP is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406055
      • AND
        • comment openoffice.org2-langpack-ko_KR is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090032
        • comment openoffice.org2-langpack-ko_KR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406079
      • AND
        • comment openoffice.org2-langpack-lt_LT is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090046
        • comment openoffice.org2-langpack-lt_LT is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406077
      • AND
        • comment openoffice.org2-langpack-ms_MY is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090006
        • comment openoffice.org2-langpack-ms_MY is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406021
      • AND
        • comment openoffice.org2-langpack-nb_NO is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090002
        • comment openoffice.org2-langpack-nb_NO is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406111
      • AND
        • comment openoffice.org2-langpack-nl is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090086
        • comment openoffice.org2-langpack-nl is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406039
      • AND
        • comment openoffice.org2-langpack-nn_NO is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090026
        • comment openoffice.org2-langpack-nn_NO is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406031
      • AND
        • comment openoffice.org2-langpack-pa_IN is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090112
        • comment openoffice.org2-langpack-pa_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406025
      • AND
        • comment openoffice.org2-langpack-pl_PL is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090080
        • comment openoffice.org2-langpack-pl_PL is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406075
      • AND
        • comment openoffice.org2-langpack-pt_BR is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090106
        • comment openoffice.org2-langpack-pt_BR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406101
      • AND
        • comment openoffice.org2-langpack-pt_PT is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090082
        • comment openoffice.org2-langpack-pt_PT is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406113
      • AND
        • comment openoffice.org2-langpack-ru is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090100
        • comment openoffice.org2-langpack-ru is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406091
      • AND
        • comment openoffice.org2-langpack-sk_SK is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090024
        • comment openoffice.org2-langpack-sk_SK is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406059
      • AND
        • comment openoffice.org2-langpack-sl_SI is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090062
        • comment openoffice.org2-langpack-sl_SI is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406051
      • AND
        • comment openoffice.org2-langpack-sr_CS is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090072
        • comment openoffice.org2-langpack-sr_CS is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406107
      • AND
        • comment openoffice.org2-langpack-sv is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090096
        • comment openoffice.org2-langpack-sv is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406093
      • AND
        • comment openoffice.org2-langpack-ta_IN is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090044
        • comment openoffice.org2-langpack-ta_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406015
      • AND
        • comment openoffice.org2-langpack-th_TH is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090014
        • comment openoffice.org2-langpack-th_TH is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406085
      • AND
        • comment openoffice.org2-langpack-tr_TR is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090050
        • comment openoffice.org2-langpack-tr_TR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406081
      • AND
        • comment openoffice.org2-langpack-zh_CN is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090004
        • comment openoffice.org2-langpack-zh_CN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406029
      • AND
        • comment openoffice.org2-langpack-zh_TW is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090030
        • comment openoffice.org2-langpack-zh_TW is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406089
      • AND
        • comment openoffice.org2-langpack-zu_ZA is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090040
        • comment openoffice.org2-langpack-zu_ZA is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406063
      • AND
        • comment openoffice.org2-math is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090042
        • comment openoffice.org2-math is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406065
      • AND
        • comment openoffice.org2-pyuno is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090064
        • comment openoffice.org2-pyuno is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406045
      • AND
        • comment openoffice.org2-testtools is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090056
        • comment openoffice.org2-testtools is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406033
      • AND
        • comment openoffice.org2-writer is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090012
        • comment openoffice.org2-writer is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406115
      • AND
        • comment openoffice.org2-xsltfilter is earlier than 1:2.0.4-5.7.0.3.0
          oval oval:com.redhat.rhsa:tst:20071090116
        • comment openoffice.org2-xsltfilter is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406057
    rhsa
    id RHSA-2007:1090
    released 2007-12-05
    severity Moderate
    title RHSA-2007:1090: openoffice.org2 security update (Moderate)
  • rhsa
    id RHSA-2008:0151
  • rhsa
    id RHSA-2008:0158
  • rhsa
    id RHSA-2008:0213
rpms
  • hsqldb-1:1.8.0.4-3jpp.6
  • hsqldb-demo-1:1.8.0.4-3jpp.6
  • hsqldb-javadoc-1:1.8.0.4-3jpp.6
  • hsqldb-manual-1:1.8.0.4-3jpp.6
  • openoffice.org-base-1:2.0.4-5.4.25
  • openoffice.org-calc-1:2.0.4-5.4.25
  • openoffice.org-core-1:2.0.4-5.4.25
  • openoffice.org-draw-1:2.0.4-5.4.25
  • openoffice.org-emailmerge-1:2.0.4-5.4.25
  • openoffice.org-graphicfilter-1:2.0.4-5.4.25
  • openoffice.org-impress-1:2.0.4-5.4.25
  • openoffice.org-javafilter-1:2.0.4-5.4.25
  • openoffice.org-langpack-af_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-ar-1:2.0.4-5.4.25
  • openoffice.org-langpack-as_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-bg_BG-1:2.0.4-5.4.25
  • openoffice.org-langpack-bn-1:2.0.4-5.4.25
  • openoffice.org-langpack-ca_ES-1:2.0.4-5.4.25
  • openoffice.org-langpack-cs_CZ-1:2.0.4-5.4.25
  • openoffice.org-langpack-cy_GB-1:2.0.4-5.4.25
  • openoffice.org-langpack-da_DK-1:2.0.4-5.4.25
  • openoffice.org-langpack-de-1:2.0.4-5.4.25
  • openoffice.org-langpack-el_GR-1:2.0.4-5.4.25
  • openoffice.org-langpack-es-1:2.0.4-5.4.25
  • openoffice.org-langpack-et_EE-1:2.0.4-5.4.25
  • openoffice.org-langpack-eu_ES-1:2.0.4-5.4.25
  • openoffice.org-langpack-fi_FI-1:2.0.4-5.4.25
  • openoffice.org-langpack-fr-1:2.0.4-5.4.25
  • openoffice.org-langpack-ga_IE-1:2.0.4-5.4.25
  • openoffice.org-langpack-gl_ES-1:2.0.4-5.4.25
  • openoffice.org-langpack-gu_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-he_IL-1:2.0.4-5.4.25
  • openoffice.org-langpack-hi_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-hr_HR-1:2.0.4-5.4.25
  • openoffice.org-langpack-hu_HU-1:2.0.4-5.4.25
  • openoffice.org-langpack-it-1:2.0.4-5.4.25
  • openoffice.org-langpack-ja_JP-1:2.0.4-5.4.25
  • openoffice.org-langpack-kn_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-ko_KR-1:2.0.4-5.4.25
  • openoffice.org-langpack-lt_LT-1:2.0.4-5.4.25
  • openoffice.org-langpack-ml_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-mr_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-ms_MY-1:2.0.4-5.4.25
  • openoffice.org-langpack-nb_NO-1:2.0.4-5.4.25
  • openoffice.org-langpack-nl-1:2.0.4-5.4.25
  • openoffice.org-langpack-nn_NO-1:2.0.4-5.4.25
  • openoffice.org-langpack-nr_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-nso_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-or_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-pa_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-pl_PL-1:2.0.4-5.4.25
  • openoffice.org-langpack-pt_BR-1:2.0.4-5.4.25
  • openoffice.org-langpack-pt_PT-1:2.0.4-5.4.25
  • openoffice.org-langpack-ru-1:2.0.4-5.4.25
  • openoffice.org-langpack-sk_SK-1:2.0.4-5.4.25
  • openoffice.org-langpack-sl_SI-1:2.0.4-5.4.25
  • openoffice.org-langpack-sr_CS-1:2.0.4-5.4.25
  • openoffice.org-langpack-ss_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-st_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-sv-1:2.0.4-5.4.25
  • openoffice.org-langpack-ta_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-te_IN-1:2.0.4-5.4.25
  • openoffice.org-langpack-th_TH-1:2.0.4-5.4.25
  • openoffice.org-langpack-tn_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-tr_TR-1:2.0.4-5.4.25
  • openoffice.org-langpack-ts_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-ur-1:2.0.4-5.4.25
  • openoffice.org-langpack-ve_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-xh_ZA-1:2.0.4-5.4.25
  • openoffice.org-langpack-zh_CN-1:2.0.4-5.4.25
  • openoffice.org-langpack-zh_TW-1:2.0.4-5.4.25
  • openoffice.org-langpack-zu_ZA-1:2.0.4-5.4.25
  • openoffice.org-math-1:2.0.4-5.4.25
  • openoffice.org-pyuno-1:2.0.4-5.4.25
  • openoffice.org-testtools-1:2.0.4-5.4.25
  • openoffice.org-writer-1:2.0.4-5.4.25
  • openoffice.org-xsltfilter-1:2.0.4-5.4.25
  • openoffice.org2-base-1:2.0.4-5.7.0.3.0
  • openoffice.org2-calc-1:2.0.4-5.7.0.3.0
  • openoffice.org2-core-1:2.0.4-5.7.0.3.0
  • openoffice.org2-draw-1:2.0.4-5.7.0.3.0
  • openoffice.org2-emailmerge-1:2.0.4-5.7.0.3.0
  • openoffice.org2-graphicfilter-1:2.0.4-5.7.0.3.0
  • openoffice.org2-impress-1:2.0.4-5.7.0.3.0
  • openoffice.org2-javafilter-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-af_ZA-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ar-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-bg_BG-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-bn-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ca_ES-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-cs_CZ-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-cy_GB-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-da_DK-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-de-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-el_GR-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-es-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-et_EE-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-eu_ES-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-fi_FI-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-fr-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ga_IE-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-gl_ES-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-gu_IN-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-he_IL-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-hi_IN-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-hr_HR-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-hu_HU-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-it-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ja_JP-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ko_KR-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-lt_LT-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ms_MY-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-nb_NO-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-nl-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-nn_NO-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-pa_IN-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-pl_PL-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-pt_BR-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-pt_PT-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ru-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-sk_SK-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-sl_SI-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-sr_CS-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-sv-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-ta_IN-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-th_TH-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-tr_TR-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-zh_CN-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-zh_TW-1:2.0.4-5.7.0.3.0
  • openoffice.org2-langpack-zu_ZA-1:2.0.4-5.7.0.3.0
  • openoffice.org2-math-1:2.0.4-5.7.0.3.0
  • openoffice.org2-pyuno-1:2.0.4-5.7.0.3.0
  • openoffice.org2-testtools-1:2.0.4-5.7.0.3.0
  • openoffice.org2-writer-1:2.0.4-5.7.0.3.0
  • openoffice.org2-xsltfilter-1:2.0.4-5.7.0.3.0
refmap via4
bid 26703
confirm http://www.openoffice.org/security/cves/CVE-2007-4575.html
debian DSA-1419
fedora
  • FEDORA-2007-4119
  • FEDORA-2007-4120
  • FEDORA-2007-4171
  • FEDORA-2007-4172
  • FEDORA-2007-762
gentoo GLSA-200712-25
mandriva MDVSA-2008:095
misc
sectrack 1019041
secunia
  • 27914
  • 27916
  • 27928
  • 27931
  • 27972
  • 28018
  • 28039
  • 28286
  • 28585
  • 30100
sunalert
  • 103141
  • 200637
suse SUSE-SA:2007:067
ubuntu USN-609-1
vupen
  • ADV-2007-4092
  • ADV-2007-4146
xf openoffice-hsqldb-code-execution(38882)
Last major update 12-05-2011 - 00:00
Published 05-12-2007 - 21:46
Last modified 28-09-2017 - 21:29
Back to Top