Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.880597
Category:CentOS Local Security Checks
Title:CentOS Update for openoffice.org-base CESA-2010:0459 centos5 i386
Summary:The remote host is missing an update for the 'openoffice.org-base'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'openoffice.org-base'
package(s) announced via the referenced advisory.

Vulnerability Insight:
OpenOffice.org is an office productivity suite that includes desktop
applications, such as a word processor, spreadsheet application,
presentation manager, formula editor, and a drawing program.

A flaw was found in the way OpenOffice.org enforced a macro security
setting for macros, written in the Python scripting language, that were
embedded in OpenOffice.org documents. If a user were tricked into opening
a specially-crafted OpenOffice.org document and previewed the macro
directory structure, it could lead to Python macro execution even if macro
execution was disabled. (CVE-2010-0395)

All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. For Red
Hat Enterprise Linux 4, this erratum provides updated openoffice.org2
packages. For Red Hat Enterprise Linux 5, this erratum provides updated
openoffice.org packages. All running instances of OpenOffice.org
applications must be restarted for this update to take effect.

Affected Software/OS:
openoffice.org-base on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-0395
Cert/CC Advisory: TA10-287A
http://www.us-cert.gov/cas/techalerts/TA10-287A.html
Debian Security Information: DSA-2055 (Google Search)
http://www.debian.org/security/2010/dsa-2055
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042468.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042529.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042534.html
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:221
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11091
http://www.redhat.com/support/errata/RHSA-2010-0459.html
http://secunia.com/advisories/40070
http://secunia.com/advisories/40084
http://secunia.com/advisories/40104
http://secunia.com/advisories/40107
http://secunia.com/advisories/41818
http://secunia.com/advisories/60799
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://ubuntu.com/usn/usn-949-1
http://www.vupen.com/english/advisories/2010/1350
http://www.vupen.com/english/advisories/2010/1353
http://www.vupen.com/english/advisories/2010/1366
http://www.vupen.com/english/advisories/2010/1369
http://www.vupen.com/english/advisories/2010/2905
CopyrightCopyright (c) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.