|
|
Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2007:001: OpenOffice_org Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the OpenOffice_org package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2007:001 (OpenOffice_org).
Security problems were fixed in the WMF and Enhanced WMF handling
in OpenOffice_org These could potentially be used to execute code
or crash OpenOffice when a user could be convinced to open specially
crafted document (for instance a document sent by E-mail).
This issue is tracked by the Mitre CVE ID CVE-2006-5870.
openSUSE 10.2 is not affected by this problem, it already contains
the fixed OpenOffice_org 2.1 version.
Additionally the OpenOffice_org 2.0 version in SLED 10 was fitted with
hooks to add OfficeXML support with a later update.
Due to the very large size of this update and mirror lag it might
take some hours or days until the updates are available on our mirrors.
Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2007_01_openoffice.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
