Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:103: OpenOffice.org Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the OpenOffice.org package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:103 (OpenOffice.org).
A vulnerability in OpenOffice.org was reported by pmladek where a local user may
be able to obtain and read documents that belong to another user. The way that
OpenOffice.org created temporary files, which used the user's umask to create
the file, could potentially allow for other users to have read access to the
document (again, dependant upon the user's umask).
The updated packages have been patched to prevent this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:103
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.