ID de Prueba:	1.3.6.1.4.1.25623.1.0.60752
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:090 (OpenOffice.org)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to OpenOffice.org announced via advisory MDVSA-2008:090. A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened (CVE-2007-5746). A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code (CVE-2008-0320). The updated packages have been patched to correct these issues. Affected: Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:090 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5746 BugTraq ID: 28819 http://www.securityfocus.com/bid/28819 Debian Security Information: DSA-1547 (Google Search) http://www.debian.org/security/2008/dsa-1547 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00448.html http://security.gentoo.org/glsa/glsa-200805-16.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=692 http://www.mandriva.com/security/advisories?name=MDVSA-2008:090 http://www.mandriva.com/security/advisories?name=MDVSA-2008:095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10249 http://www.redhat.com/support/errata/RHSA-2008-0175.html http://www.redhat.com/support/errata/RHSA-2008-0176.html http://www.securitytracker.com/id?1019892 http://secunia.com/advisories/29844 http://secunia.com/advisories/29852 http://secunia.com/advisories/29864 http://secunia.com/advisories/29871 http://secunia.com/advisories/29910 http://secunia.com/advisories/29913 http://secunia.com/advisories/29987 http://secunia.com/advisories/30100 http://secunia.com/advisories/30179 http://sunsolve.sun.com/search/document.do?assetkey=1-66-231661-1 SuSE Security Announcement: SUSE-SA:2008:023 (Google Search) http://www.novell.com/linux/security/advisories/2008_23_openoffice.html http://www.ubuntu.com/usn/usn-609-1 http://www.vupen.com/english/advisories/2008/1253/references http://www.vupen.com/english/advisories/2008/1375/references XForce ISS Database: openoffice-emf-bo(41861) https://exchange.xforce.ibmcloud.com/vulnerabilities/41861 Common Vulnerability Exposure (CVE) ID: CVE-2008-0320 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=694 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10318 http://www.securitytracker.com/id?1019890 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231642-1 XForce ISS Database: openoffice-ole-bo(41860) https://exchange.xforce.ibmcloud.com/vulnerabilities/41860
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.