Mandriva Update For Openoffice.org MDKSA-2007:073 (openoffice.org) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. (CVE-2007-0239) Updated packages have been patched to correct these issues.

Affected

openoffice.org on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2007-0238, CVE-2007-0239
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:159 (mysql)
Mandrake Security Advisory MDVSA-2009:153 (dhcp)
Mandrake Security Advisory MDVSA-2009:099 (openafs)
Mandrake Security Advisory MDVSA-2009:183 (apache-mod_security)
Mandrake Security Advisory MDVSA-2009:050-1 (python-pycrypto)

Mandriva Update for openoffice.org MDKSA-2007:073 (openoffice.org)

Take action and discover your vulnerabilities