SuSE Update For OpenOffice_org SUSE-SA:2007:037 Network Vulnerability

Impact

remote code execution

Solution

Please Install the Updated Packages.

Insight

The Office suite OpenOffice_org was updated to fix a heap buffer overflow in its RTF parser. This issue could be used by attackers sending specially crafted RTF files to potentially execute code and it is tracked by the Mitre CVE ID CVE-2007-0245. Packages for SUSE Linux 10.0, SUSE Linux 10.1 and openSUSE 10.2 on June 20th, for SUSE Linux Desktop 1.0 and Novell Linux Desktop on June 15th, for SUSE Linux Enterprise Desktop 10 on June 28th. For SUSE Linux Enterprise 10 additional non-security bugs were fixed.

Affected

OpenOffice_org on SUSE LINUX 10.1, openSUSE 10.2, Novell Linux Desktop 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1

References

http://www.novell.com/linux/security/advisories/2007_37_openoffice.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-0245
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for IBM Java 1.4.2
SLES10: Security update for multipath-tools
SLES10: Security update for MozillaFirefox
SLES10: Security update for Cups
SLES10: Security update for MozillaFirefox

SuSE Update for OpenOffice_org SUSE-SA:2007:037

Take action and discover your vulnerabilities