ID CVE-2008-0320
Summary Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
References
Vulnerable Configurations
  • cpe:2.3:a:openoffice:openoffice.org:2.0.3
    cpe:2.3:a:openoffice:openoffice.org:2.0.3
  • cpe:2.3:a:openoffice:openoffice.org:2.1
    cpe:2.3:a:openoffice:openoffice.org:2.1
  • cpe:2.3:a:openoffice:openoffice.org:2.2
    cpe:2.3:a:openoffice:openoffice.org:2.2
  • cpe:2.3:a:openoffice:openoffice.org:2.2.1
    cpe:2.3:a:openoffice:openoffice.org:2.2.1
  • cpe:2.3:a:openoffice:openoffice.org:2.3
    cpe:2.3:a:openoffice:openoffice.org:2.3
  • cpe:2.3:a:openoffice:openoffice.org:2.3.1
    cpe:2.3:a:openoffice:openoffice.org:2.3.1
CVSS
Base: 9.3 (as of 18-04-2008 - 09:48)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow. CVE-2008-0320. Local exploit for windows platform
id EDB-ID:18923
last seen 2016-02-02
modified 2012-05-25
published 2012-05-25
reporter metasploit
source https://www.exploit-db.com/download/18923/
title OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
metasploit via4
description This module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
id MSF:EXPLOIT/WINDOWS/FILEFORMAT/OPENOFFICE_OLE
last seen 2019-02-16
modified 2017-07-24
published 2012-05-23
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/openoffice_ole.rb
title OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080417_OPENOFFICE_ORG2_ON_SL4_5_AND_4_6.NASL
    description Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60388
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60388
    title Scientific Linux Security Update : openoffice.org2 on SL4.5 and 4.6 i386/x86_64
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200805-16.NASL
    description The remote host is affected by the vulnerability described in GLSA-200805-16 (OpenOffice.org: Multiple vulnerabilities) iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple heap-based buffer overflows when parsing the 'Attribute' and 'Font' Description records of Quattro Pro (QPRO) files (CVE-2007-5745), an integer overflow when parsing the EMR_STRETCHBLT record of an EMF file, resulting in a heap-based buffer overflow (CVE-2007-5746), an integer underflow when parsing Quattro Pro (QPRO) files, resulting in an excessive loop and a stack-based buffer overflow (CVE-2007-5747), and a heap-based buffer overflow when parsing the 'DocumentSummaryInformation' stream in an OLE file (CVE-2008-0320). Furthermore, Will Drewry (Google Security) reported vulnerabilities in the memory management of the International Components for Unicode (CVE-2007-4770, CVE-2007-4771), which was resolved with GLSA 200803-20. However, the binary version of OpenOffice.org uses an internal copy of said library. Impact : A remote attacker could entice a user to open a specially crafted document, possibly resulting in the remote execution of arbitrary code with the privileges of the user running OpenOffice.org. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 32353
    published 2008-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32353
    title GLSA-200805-16 : OpenOffice.org: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0176.NASL
    description Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 32019
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32019
    title RHEL 3 / 4 : openoffice.org (RHSA-2008:0176)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-095.NASL
    description A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents (CVE-2007-4575). A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened (CVE-2007-5746). Multiple heap overflows and an integer underflow were discovered in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org ro crash or potentially execute arbitrary code (CVE-2007-5745, CVE-2007-5747). A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code (CVE-2008-0320). The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37969
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37969
    title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0176.NASL
    description Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31997
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31997
    title CentOS 3 / 4 : openoffice.org (CESA-2008:0176)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0176.NASL
    description From Red Hat Security Advisory 2008:0176 : Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67666
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67666
    title Oracle Linux 3 / 4 : openoffice.org (ELSA-2008-0176)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080417_OPENOFFICE_ORG_ON_SL3_X.NASL
    description A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60389
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60389
    title Scientific Linux Security Update : openoffice.org on SL3.x, SL4.x i386/x86_64
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080417_OPENOFFICE_ORG_ON_SL5_X.NASL
    description Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60390
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60390
    title Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64
  • NASL family Windows
    NASL id OPENOFFICE_240.NASL
    description The version of Sun Microsystems OpenOffice.org installed on the remote host is affected by several issues : - Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms (CVE-2007-4770/4771). - Heap overflow and arbitrary code execution vulnerabilities involving Quattro Pro files (CVE-2007-5745/5747). - Heap overflow and arbitrary code execution vulnerabilities involving EMF files (CVE-2007-5746). - Heap overflow and arbitrary code execution vulnerabilities involving OLE files (CVE-2008-0320).
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 31968
    published 2008-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31968
    title Sun OpenOffice.org < 2.4 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENOFFICE_ORG-5053.NASL
    description This update of OpenOffice fixes various critical security vulnerabilities - heap-overflow when parsing PPT files (CVE-2008-0320) - various buffer-overflows while parsing QPRO files (CVE-2007-5745, CVE-2007-5747) - out-of-bound memory access and a heap-overflow in the regex engine of libICU (CVE-2007-4770,CVE-2007-4771)
    last seen 2019-02-21
    modified 2018-01-11
    plugin id 32023
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32023
    title openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-5053)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-609-1.NASL
    description It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. (CVE-2007-4575) Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. (CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 32189
    published 2008-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32189
    title Ubuntu 6.06 LTS / 7.04 / 7.10 : hsqldb, openoffice.org/-amd64 vulnerabilities (USN-609-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-4104.NASL
    description Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files can lead to heap overflows and arbitrary code execution Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-01-11
    plugin id 32385
    published 2008-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32385
    title Fedora 7 : openoffice.org-2.3.0-6.8.fc7 (2008-4104)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0175.NASL
    description Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 32018
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32018
    title RHEL 4 / 5 : openoffice.org (RHSA-2008:0175)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0175.NASL
    description Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31996
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31996
    title CentOS 4 / 5 : openoffice.org / openoffice.org2 (CESA-2008:0175)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-3251.NASL
    description Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files can lead to heap overflows and arbitrary code execution Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-01-11
    plugin id 32042
    published 2008-04-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32042
    title Fedora 8 : openoffice.org-2.3.0-6.14.fc8 (2008-3251)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1547.NASL
    description Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5745, CVE-2007-5747 Several bugs have been discovered in the way OpenOffice.org parses Quattro Pro files that may lead to a overflow in the heap potentially leading to the execution of arbitrary code. - CVE-2007-5746 Specially crafted EMF files can trigger a buffer overflow in the heap that may lead to the execution of arbitrary code. - CVE-2008-0320 A bug has been discovered in the processing of OLE files that can cause a buffer overflow in the heap potentially leading to the execution of arbitrary code. Recently reported problems in the ICU library are fixed in separate libicu packages with DSA 1511 against which OpenOffice.org is linked.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31969
    published 2008-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31969
    title Debian DSA-1547-1 : openoffice.org - several vulnerabilities
oval via4
accepted 2013-04-29T04:04:34.794-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
family unix
id oval:org.mitre.oval:def:10318
status accepted
submitted 2010-07-09T03:56:16-04:00
title Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
version 24
packetstorm via4
data source https://packetstormsecurity.com/files/download/113002/openoffice_ole.rb.txt
id PACKETSTORM:113002
last seen 2016-12-05
published 2012-05-24
reporter metasploit.com
source https://packetstormsecurity.com/files/113002/OpenOffice-OLE-Importer-DocumentSummaryInformation-Stream-Handling-Overflow.html
title OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
redhat via4
advisories
  • bugzilla
    id 435681
    title CVE-2007-5747 openoffice.org: Quattro Pro files parsing integer underflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment openoffice.org2-base is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175066
          • comment openoffice.org2-base is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406097
        • AND
          • comment openoffice.org2-calc is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175056
          • comment openoffice.org2-calc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406073
        • AND
          • comment openoffice.org2-core is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175062
          • comment openoffice.org2-core is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406095
        • AND
          • comment openoffice.org2-draw is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175096
          • comment openoffice.org2-draw is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406129
        • AND
          • comment openoffice.org2-emailmerge is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175074
          • comment openoffice.org2-emailmerge is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406105
        • AND
          • comment openoffice.org2-graphicfilter is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175044
          • comment openoffice.org2-graphicfilter is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406067
        • AND
          • comment openoffice.org2-impress is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175070
          • comment openoffice.org2-impress is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406069
        • AND
          • comment openoffice.org2-javafilter is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175010
          • comment openoffice.org2-javafilter is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406049
        • AND
          • comment openoffice.org2-langpack-af_ZA is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175076
          • comment openoffice.org2-langpack-af_ZA is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406103
        • AND
          • comment openoffice.org2-langpack-ar is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175114
          • comment openoffice.org2-langpack-ar is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406037
        • AND
          • comment openoffice.org2-langpack-bg_BG is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175006
          • comment openoffice.org2-langpack-bg_BG is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406099
        • AND
          • comment openoffice.org2-langpack-bn is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175064
          • comment openoffice.org2-langpack-bn is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406035
        • AND
          • comment openoffice.org2-langpack-ca_ES is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175024
          • comment openoffice.org2-langpack-ca_ES is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406047
        • AND
          • comment openoffice.org2-langpack-cs_CZ is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175022
          • comment openoffice.org2-langpack-cs_CZ is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406109
        • AND
          • comment openoffice.org2-langpack-cy_GB is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175068
          • comment openoffice.org2-langpack-cy_GB is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406027
        • AND
          • comment openoffice.org2-langpack-da_DK is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175016
          • comment openoffice.org2-langpack-da_DK is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406125
        • AND
          • comment openoffice.org2-langpack-de is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175030
          • comment openoffice.org2-langpack-de is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406119
        • AND
          • comment openoffice.org2-langpack-el_GR is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175040
          • comment openoffice.org2-langpack-el_GR is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406127
        • AND
          • comment openoffice.org2-langpack-es is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175102
          • comment openoffice.org2-langpack-es is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406071
        • AND
          • comment openoffice.org2-langpack-et_EE is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175100
          • comment openoffice.org2-langpack-et_EE is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406061
        • AND
          • comment openoffice.org2-langpack-eu_ES is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175050
          • comment openoffice.org2-langpack-eu_ES is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406019
        • AND
          • comment openoffice.org2-langpack-fi_FI is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175086
          • comment openoffice.org2-langpack-fi_FI is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406117
        • AND
          • comment openoffice.org2-langpack-fr is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175104
          • comment openoffice.org2-langpack-fr is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406123
        • AND
          • comment openoffice.org2-langpack-ga_IE is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175094
          • comment openoffice.org2-langpack-ga_IE is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406053
        • AND
          • comment openoffice.org2-langpack-gl_ES is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175008
          • comment openoffice.org2-langpack-gl_ES is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406041
        • AND
          • comment openoffice.org2-langpack-gu_IN is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175108
          • comment openoffice.org2-langpack-gu_IN is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406087
        • AND
          • comment openoffice.org2-langpack-he_IL is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175110
          • comment openoffice.org2-langpack-he_IL is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406083
        • AND
          • comment openoffice.org2-langpack-hi_IN is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175048
          • comment openoffice.org2-langpack-hi_IN is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406017
        • AND
          • comment openoffice.org2-langpack-hr_HR is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175116
          • comment openoffice.org2-langpack-hr_HR is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406121
        • AND
          • comment openoffice.org2-langpack-hu_HU is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175002
          • comment openoffice.org2-langpack-hu_HU is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406023
        • AND
          • comment openoffice.org2-langpack-it is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175054
          • comment openoffice.org2-langpack-it is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406043
        • AND
          • comment openoffice.org2-langpack-ja_JP is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175046
          • comment openoffice.org2-langpack-ja_JP is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406055
        • AND
          • comment openoffice.org2-langpack-ko_KR is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175020
          • comment openoffice.org2-langpack-ko_KR is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406079
        • AND
          • comment openoffice.org2-langpack-lt_LT is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175060
          • comment openoffice.org2-langpack-lt_LT is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406077
        • AND
          • comment openoffice.org2-langpack-ms_MY is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175032
          • comment openoffice.org2-langpack-ms_MY is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406021
        • AND
          • comment openoffice.org2-langpack-nb_NO is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175084
          • comment openoffice.org2-langpack-nb_NO is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406111
        • AND
          • comment openoffice.org2-langpack-nl is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175042
          • comment openoffice.org2-langpack-nl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406039
        • AND
          • comment openoffice.org2-langpack-nn_NO is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175052
          • comment openoffice.org2-langpack-nn_NO is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406031
        • AND
          • comment openoffice.org2-langpack-pa_IN is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175080
          • comment openoffice.org2-langpack-pa_IN is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406025
        • AND
          • comment openoffice.org2-langpack-pl_PL is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175014
          • comment openoffice.org2-langpack-pl_PL is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406075
        • AND
          • comment openoffice.org2-langpack-pt_BR is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175058
          • comment openoffice.org2-langpack-pt_BR is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406101
        • AND
          • comment openoffice.org2-langpack-pt_PT is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175026
          • comment openoffice.org2-langpack-pt_PT is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406113
        • AND
          • comment openoffice.org2-langpack-ru is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175004
          • comment openoffice.org2-langpack-ru is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406091
        • AND
          • comment openoffice.org2-langpack-sk_SK is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175098
          • comment openoffice.org2-langpack-sk_SK is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406059
        • AND
          • comment openoffice.org2-langpack-sl_SI is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175082
          • comment openoffice.org2-langpack-sl_SI is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406051
        • AND
          • comment openoffice.org2-langpack-sr_CS is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175012
          • comment openoffice.org2-langpack-sr_CS is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406107
        • AND
          • comment openoffice.org2-langpack-sv is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175018
          • comment openoffice.org2-langpack-sv is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406093
        • AND
          • comment openoffice.org2-langpack-ta_IN is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175034
          • comment openoffice.org2-langpack-ta_IN is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406015
        • AND
          • comment openoffice.org2-langpack-th_TH is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175088
          • comment openoffice.org2-langpack-th_TH is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406085
        • AND
          • comment openoffice.org2-langpack-tr_TR is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175028
          • comment openoffice.org2-langpack-tr_TR is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406081
        • AND
          • comment openoffice.org2-langpack-zh_CN is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175112
          • comment openoffice.org2-langpack-zh_CN is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406029
        • AND
          • comment openoffice.org2-langpack-zh_TW is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175036
          • comment openoffice.org2-langpack-zh_TW is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406089
        • AND
          • comment openoffice.org2-langpack-zu_ZA is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175072
          • comment openoffice.org2-langpack-zu_ZA is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406063
        • AND
          • comment openoffice.org2-math is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175078
          • comment openoffice.org2-math is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406065
        • AND
          • comment openoffice.org2-pyuno is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175106
          • comment openoffice.org2-pyuno is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406045
        • AND
          • comment openoffice.org2-testtools is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175038
          • comment openoffice.org2-testtools is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406033
        • AND
          • comment openoffice.org2-writer is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175090
          • comment openoffice.org2-writer is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406115
        • AND
          • comment openoffice.org2-xsltfilter is earlier than 1:2.0.4-5.7.0.4.0
            oval oval:com.redhat.rhsa:tst:20080175092
          • comment openoffice.org2-xsltfilter is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070406057
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment openoffice.org-base is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175165
          • comment openoffice.org-base is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069029
        • AND
          • comment openoffice.org-calc is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175239
          • comment openoffice.org-calc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069039
        • AND
          • comment openoffice.org-core is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175199
          • comment openoffice.org-core is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069143
        • AND
          • comment openoffice.org-draw is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175249
          • comment openoffice.org-draw is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069047
        • AND
          • comment openoffice.org-emailmerge is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175179
          • comment openoffice.org-emailmerge is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069037
        • AND
          • comment openoffice.org-graphicfilter is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175127
          • comment openoffice.org-graphicfilter is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069061
        • AND
          • comment openoffice.org-impress is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175255
          • comment openoffice.org-impress is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069121
        • AND
          • comment openoffice.org-javafilter is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175119
          • comment openoffice.org-javafilter is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069087
        • AND
          • comment openoffice.org-langpack-af_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175193
          • comment openoffice.org-langpack-af_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069091
        • AND
          • comment openoffice.org-langpack-ar is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175247
          • comment openoffice.org-langpack-ar is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069051
        • AND
          • comment openoffice.org-langpack-as_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175229
          • comment openoffice.org-langpack-as_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069147
        • AND
          • comment openoffice.org-langpack-bg_BG is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175183
          • comment openoffice.org-langpack-bg_BG is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069093
        • AND
          • comment openoffice.org-langpack-bn is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175149
          • comment openoffice.org-langpack-bn is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069115
        • AND
          • comment openoffice.org-langpack-ca_ES is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175245
          • comment openoffice.org-langpack-ca_ES is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069117
        • AND
          • comment openoffice.org-langpack-cs_CZ is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175181
          • comment openoffice.org-langpack-cs_CZ is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069021
        • AND
          • comment openoffice.org-langpack-cy_GB is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175259
          • comment openoffice.org-langpack-cy_GB is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069023
        • AND
          • comment openoffice.org-langpack-da_DK is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175217
          • comment openoffice.org-langpack-da_DK is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069089
        • AND
          • comment openoffice.org-langpack-de is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175167
          • comment openoffice.org-langpack-de is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069119
        • AND
          • comment openoffice.org-langpack-el_GR is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175191
          • comment openoffice.org-langpack-el_GR is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069095
        • AND
          • comment openoffice.org-langpack-es is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175123
          • comment openoffice.org-langpack-es is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069139
        • AND
          • comment openoffice.org-langpack-et_EE is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175235
          • comment openoffice.org-langpack-et_EE is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069003
        • AND
          • comment openoffice.org-langpack-eu_ES is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175175
          • comment openoffice.org-langpack-eu_ES is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069025
        • AND
          • comment openoffice.org-langpack-fi_FI is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175125
          • comment openoffice.org-langpack-fi_FI is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069043
        • AND
          • comment openoffice.org-langpack-fr is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175257
          • comment openoffice.org-langpack-fr is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069109
        • AND
          • comment openoffice.org-langpack-ga_IE is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175133
          • comment openoffice.org-langpack-ga_IE is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069131
        • AND
          • comment openoffice.org-langpack-gl_ES is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175213
          • comment openoffice.org-langpack-gl_ES is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069073
        • AND
          • comment openoffice.org-langpack-gu_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175207
          • comment openoffice.org-langpack-gu_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069033
        • AND
          • comment openoffice.org-langpack-he_IL is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175129
          • comment openoffice.org-langpack-he_IL is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069005
        • AND
          • comment openoffice.org-langpack-hi_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175243
          • comment openoffice.org-langpack-hi_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069083
        • AND
          • comment openoffice.org-langpack-hr_HR is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175153
          • comment openoffice.org-langpack-hr_HR is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069041
        • AND
          • comment openoffice.org-langpack-hu_HU is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175205
          • comment openoffice.org-langpack-hu_HU is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069045
        • AND
          • comment openoffice.org-langpack-it is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175211
          • comment openoffice.org-langpack-it is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069009
        • AND
          • comment openoffice.org-langpack-ja_JP is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175195
          • comment openoffice.org-langpack-ja_JP is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069113
        • AND
          • comment openoffice.org-langpack-kn_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175223
          • comment openoffice.org-langpack-kn_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069133
        • AND
          • comment openoffice.org-langpack-ko_KR is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175135
          • comment openoffice.org-langpack-ko_KR is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069065
        • AND
          • comment openoffice.org-langpack-lt_LT is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175155
          • comment openoffice.org-langpack-lt_LT is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069145
        • AND
          • comment openoffice.org-langpack-ml_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175145
          • comment openoffice.org-langpack-ml_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069035
        • AND
          • comment openoffice.org-langpack-mr_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175147
          • comment openoffice.org-langpack-mr_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069031
        • AND
          • comment openoffice.org-langpack-ms_MY is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175189
          • comment openoffice.org-langpack-ms_MY is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069099
        • AND
          • comment openoffice.org-langpack-nb_NO is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175131
          • comment openoffice.org-langpack-nb_NO is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069081
        • AND
          • comment openoffice.org-langpack-nl is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175215
          • comment openoffice.org-langpack-nl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069057
        • AND
          • comment openoffice.org-langpack-nn_NO is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175209
          • comment openoffice.org-langpack-nn_NO is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069111
        • AND
          • comment openoffice.org-langpack-nr_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175143
          • comment openoffice.org-langpack-nr_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069011
        • AND
          • comment openoffice.org-langpack-nso_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175185
          • comment openoffice.org-langpack-nso_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069077
        • AND
          • comment openoffice.org-langpack-or_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175169
          • comment openoffice.org-langpack-or_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069007
        • AND
          • comment openoffice.org-langpack-pa_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175177
          • comment openoffice.org-langpack-pa_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069013
        • AND
          • comment openoffice.org-langpack-pl_PL is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175141
          • comment openoffice.org-langpack-pl_PL is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069103
        • AND
          • comment openoffice.org-langpack-pt_BR is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175251
          • comment openoffice.org-langpack-pt_BR is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069069
        • AND
          • comment openoffice.org-langpack-pt_PT is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175137
          • comment openoffice.org-langpack-pt_PT is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069107
        • AND
          • comment openoffice.org-langpack-ru is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175225
          • comment openoffice.org-langpack-ru is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069105
        • AND
          • comment openoffice.org-langpack-sk_SK is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175151
          • comment openoffice.org-langpack-sk_SK is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069137
        • AND
          • comment openoffice.org-langpack-sl_SI is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175261
          • comment openoffice.org-langpack-sl_SI is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069019
        • AND
          • comment openoffice.org-langpack-sr_CS is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175231
          • comment openoffice.org-langpack-sr_CS is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069049
        • AND
          • comment openoffice.org-langpack-ss_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175161
          • comment openoffice.org-langpack-ss_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069015
        • AND
          • comment openoffice.org-langpack-st_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175139
          • comment openoffice.org-langpack-st_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069055
        • AND
          • comment openoffice.org-langpack-sv is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175201
          • comment openoffice.org-langpack-sv is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069067
        • AND
          • comment openoffice.org-langpack-ta_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175221
          • comment openoffice.org-langpack-ta_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069135
        • AND
          • comment openoffice.org-langpack-te_IN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175203
          • comment openoffice.org-langpack-te_IN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069141
        • AND
          • comment openoffice.org-langpack-th_TH is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175197
          • comment openoffice.org-langpack-th_TH is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069017
        • AND
          • comment openoffice.org-langpack-tn_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175263
          • comment openoffice.org-langpack-tn_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069059
        • AND
          • comment openoffice.org-langpack-tr_TR is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175233
          • comment openoffice.org-langpack-tr_TR is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069079
        • AND
          • comment openoffice.org-langpack-ts_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175163
          • comment openoffice.org-langpack-ts_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069125
        • AND
          • comment openoffice.org-langpack-ur is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175171
          • comment openoffice.org-langpack-ur is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069071
        • AND
          • comment openoffice.org-langpack-ve_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175253
          • comment openoffice.org-langpack-ve_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069053
        • AND
          • comment openoffice.org-langpack-xh_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175187
          • comment openoffice.org-langpack-xh_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069129
        • AND
          • comment openoffice.org-langpack-zh_CN is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175173
          • comment openoffice.org-langpack-zh_CN is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069127
        • AND
          • comment openoffice.org-langpack-zh_TW is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175219
          • comment openoffice.org-langpack-zh_TW is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069097
        • AND
          • comment openoffice.org-langpack-zu_ZA is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175237
          • comment openoffice.org-langpack-zu_ZA is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069101
        • AND
          • comment openoffice.org-math is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175159
          • comment openoffice.org-math is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069063
        • AND
          • comment openoffice.org-pyuno is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175241
          • comment openoffice.org-pyuno is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069085
        • AND
          • comment openoffice.org-testtools is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175157
          • comment openoffice.org-testtools is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069075
        • AND
          • comment openoffice.org-writer is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175227
          • comment openoffice.org-writer is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069027
        • AND
          • comment openoffice.org-xsltfilter is earlier than 1:2.0.4-5.4.26
            oval oval:com.redhat.rhsa:tst:20080175121
          • comment openoffice.org-xsltfilter is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070069123
    rhsa
    id RHSA-2008:0175
    released 2008-04-17
    severity Important
    title RHSA-2008:0175: openoffice.org security update (Important)
  • bugzilla
    id 435676
    title CVE-2008-0320 openoffice.org: OLE files parsing heap overflows
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhsa:tst:20060015001
      • OR
        • AND
          • comment openoffice.org is earlier than 0:1.1.2-41.2.0.EL3
            oval oval:com.redhat.rhsa:tst:20080176002
          • comment openoffice.org is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001003
        • AND
          • comment openoffice.org-i18n is earlier than 0:1.1.2-41.2.0.EL3
            oval oval:com.redhat.rhsa:tst:20080176006
          • comment openoffice.org-i18n is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001007
        • AND
          • comment openoffice.org-libs is earlier than 0:1.1.2-41.2.0.EL3
            oval oval:com.redhat.rhsa:tst:20080176004
          • comment openoffice.org-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001005
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment openoffice.org is earlier than 0:1.1.5-10.6.0.3.EL4
            oval oval:com.redhat.rhsa:tst:20080176009
          • comment openoffice.org is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001003
        • AND
          • comment openoffice.org-i18n is earlier than 0:1.1.5-10.6.0.3.EL4
            oval oval:com.redhat.rhsa:tst:20080176011
          • comment openoffice.org-i18n is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001007
        • AND
          • comment openoffice.org-kde is earlier than 0:1.1.5-10.6.0.3.EL4
            oval oval:com.redhat.rhsa:tst:20080176012
          • comment openoffice.org-kde is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001012
        • AND
          • comment openoffice.org-libs is earlier than 0:1.1.5-10.6.0.3.EL4
            oval oval:com.redhat.rhsa:tst:20080176010
          • comment openoffice.org-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070001005
    rhsa
    id RHSA-2008:0176
    released 2008-04-17
    severity Important
    title RHSA-2008:0176: openoffice.org security update (Important)
rpms
  • openoffice.org2-base-1:2.0.4-5.7.0.4.0
  • openoffice.org2-calc-1:2.0.4-5.7.0.4.0
  • openoffice.org2-core-1:2.0.4-5.7.0.4.0
  • openoffice.org2-draw-1:2.0.4-5.7.0.4.0
  • openoffice.org2-emailmerge-1:2.0.4-5.7.0.4.0
  • openoffice.org2-graphicfilter-1:2.0.4-5.7.0.4.0
  • openoffice.org2-impress-1:2.0.4-5.7.0.4.0
  • openoffice.org2-javafilter-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-af_ZA-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ar-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-bg_BG-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-bn-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ca_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-cs_CZ-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-cy_GB-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-da_DK-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-de-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-el_GR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-es-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-et_EE-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-eu_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-fi_FI-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-fr-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ga_IE-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-gl_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-gu_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-he_IL-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hi_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hr_HR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hu_HU-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-it-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ja_JP-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ko_KR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-lt_LT-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ms_MY-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nb_NO-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nl-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nn_NO-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pa_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pl_PL-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pt_BR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pt_PT-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ru-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sk_SK-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sl_SI-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sr_CS-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sv-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ta_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-th_TH-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-tr_TR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zh_CN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zh_TW-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zu_ZA-1:2.0.4-5.7.0.4.0
  • openoffice.org2-math-1:2.0.4-5.7.0.4.0
  • openoffice.org2-pyuno-1:2.0.4-5.7.0.4.0
  • openoffice.org2-testtools-1:2.0.4-5.7.0.4.0
  • openoffice.org2-writer-1:2.0.4-5.7.0.4.0
  • openoffice.org2-xsltfilter-1:2.0.4-5.7.0.4.0
  • openoffice.org-base-1:2.0.4-5.4.26
  • openoffice.org-calc-1:2.0.4-5.4.26
  • openoffice.org-core-1:2.0.4-5.4.26
  • openoffice.org-draw-1:2.0.4-5.4.26
  • openoffice.org-emailmerge-1:2.0.4-5.4.26
  • openoffice.org-graphicfilter-1:2.0.4-5.4.26
  • openoffice.org-impress-1:2.0.4-5.4.26
  • openoffice.org-javafilter-1:2.0.4-5.4.26
  • openoffice.org-langpack-af_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-ar-1:2.0.4-5.4.26
  • openoffice.org-langpack-as_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-bg_BG-1:2.0.4-5.4.26
  • openoffice.org-langpack-bn-1:2.0.4-5.4.26
  • openoffice.org-langpack-ca_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-cs_CZ-1:2.0.4-5.4.26
  • openoffice.org-langpack-cy_GB-1:2.0.4-5.4.26
  • openoffice.org-langpack-da_DK-1:2.0.4-5.4.26
  • openoffice.org-langpack-de-1:2.0.4-5.4.26
  • openoffice.org-langpack-el_GR-1:2.0.4-5.4.26
  • openoffice.org-langpack-es-1:2.0.4-5.4.26
  • openoffice.org-langpack-et_EE-1:2.0.4-5.4.26
  • openoffice.org-langpack-eu_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-fi_FI-1:2.0.4-5.4.26
  • openoffice.org-langpack-fr-1:2.0.4-5.4.26
  • openoffice.org-langpack-ga_IE-1:2.0.4-5.4.26
  • openoffice.org-langpack-gl_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-gu_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-he_IL-1:2.0.4-5.4.26
  • openoffice.org-langpack-hi_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-hr_HR-1:2.0.4-5.4.26
  • openoffice.org-langpack-hu_HU-1:2.0.4-5.4.26
  • openoffice.org-langpack-it-1:2.0.4-5.4.26
  • openoffice.org-langpack-ja_JP-1:2.0.4-5.4.26
  • openoffice.org-langpack-kn_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-ko_KR-1:2.0.4-5.4.26
  • openoffice.org-langpack-lt_LT-1:2.0.4-5.4.26
  • openoffice.org-langpack-ml_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-mr_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-ms_MY-1:2.0.4-5.4.26
  • openoffice.org-langpack-nb_NO-1:2.0.4-5.4.26
  • openoffice.org-langpack-nl-1:2.0.4-5.4.26
  • openoffice.org-langpack-nn_NO-1:2.0.4-5.4.26
  • openoffice.org-langpack-nr_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-nso_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-or_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-pa_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-pl_PL-1:2.0.4-5.4.26
  • openoffice.org-langpack-pt_BR-1:2.0.4-5.4.26
  • openoffice.org-langpack-pt_PT-1:2.0.4-5.4.26
  • openoffice.org-langpack-ru-1:2.0.4-5.4.26
  • openoffice.org-langpack-sk_SK-1:2.0.4-5.4.26
  • openoffice.org-langpack-sl_SI-1:2.0.4-5.4.26
  • openoffice.org-langpack-sr_CS-1:2.0.4-5.4.26
  • openoffice.org-langpack-ss_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-st_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-sv-1:2.0.4-5.4.26
  • openoffice.org-langpack-ta_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-te_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-th_TH-1:2.0.4-5.4.26
  • openoffice.org-langpack-tn_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-tr_TR-1:2.0.4-5.4.26
  • openoffice.org-langpack-ts_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-ur-1:2.0.4-5.4.26
  • openoffice.org-langpack-ve_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-xh_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-zh_CN-1:2.0.4-5.4.26
  • openoffice.org-langpack-zh_TW-1:2.0.4-5.4.26
  • openoffice.org-langpack-zu_ZA-1:2.0.4-5.4.26
  • openoffice.org-math-1:2.0.4-5.4.26
  • openoffice.org-pyuno-1:2.0.4-5.4.26
  • openoffice.org-testtools-1:2.0.4-5.4.26
  • openoffice.org-writer-1:2.0.4-5.4.26
  • openoffice.org-xsltfilter-1:2.0.4-5.4.26
  • openoffice.org-0:1.1.2-41.2.0.EL3
  • openoffice.org-i18n-0:1.1.2-41.2.0.EL3
  • openoffice.org-libs-0:1.1.2-41.2.0.EL3
  • openoffice.org-0:1.1.5-10.6.0.3.EL4
  • openoffice.org-i18n-0:1.1.5-10.6.0.3.EL4
  • openoffice.org-kde-0:1.1.5-10.6.0.3.EL4
  • openoffice.org-libs-0:1.1.5-10.6.0.3.EL4
refmap via4
bid 28819
confirm
debian DSA-1547
fedora FEDORA-2008-3251
gentoo GLSA-200805-16
idefense 20080417 Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability
mandriva
  • MDVSA-2008:090
  • MDVSA-2008:095
sectrack 1019890
secunia
  • 29844
  • 29852
  • 29864
  • 29871
  • 29910
  • 29913
  • 29987
  • 30100
  • 30179
sunalert 231642
suse SUSE-SA:2008:023
ubuntu USN-609-1
vupen
  • ADV-2008-1253
  • ADV-2008-1375
xf openoffice-ole-bo(41860)
saint via4
bid 28819
description OpenOffice OLE importer DocumentSummaryInformation buffer overflow
id misc_openoffice
osvdb 44472
title openoffice_ole_importer
type client
Last major update 07-03-2011 - 00:00
Published 17-04-2008 - 15:05
Last modified 28-09-2017 - 21:30
Back to Top