|
Family: Ubuntu Local Security Checks --> Category: infos
USN202-1 : koffice vulnerability Vulnerability Scan
Vulnerability Scan Summary koffice vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- karbon
- kchart
- kformula
- kivio
- kivio-data
- koffice
- koffice-data
- koffice-dev
- koffice-doc-html
- koffice-libs
- koshell
- kpresenter
- kspread
- kugar
- kword
Description :
Chris Evans discovered a buffer overflow in the RTF import module of
KOffice. By tricking a user into opening a specially-crafted RTF file,
a possible hacker could exploit this to execute arbitrary code with the
rights of the AbiWord user.
Solution :
Upgrade to :
- karbon-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- kchart-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- kformula-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- kivio-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- kivio-data-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- koffice-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- koffice-data-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- koffice-dev-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- koffice-doc-html-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- koffice-libs-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- koshell-1.3.5-2ubuntu1.1 (Ubuntu 5.04)
- kpresenter-1.3.5-2ubu
[...]
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|