ID de Prueba:	1.3.6.1.4.1.25623.1.0.71231
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:062 (openoffice.org)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openoffice.org announced via advisory MDVSA-2012:062. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0037). The updated packages have been patched to correct this issue. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:062 http://www.libreoffice.org/advisories/CVE-2012-0037/ Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0037 1026837 http://www.securitytracker.com/id?1026837 48479 http://secunia.com/advisories/48479 48493 http://secunia.com/advisories/48493 48494 http://secunia.com/advisories/48494 48526 http://secunia.com/advisories/48526 48529 http://secunia.com/advisories/48529 48542 http://secunia.com/advisories/48542 48649 http://secunia.com/advisories/48649 50692 http://secunia.com/advisories/50692 52681 http://www.securityfocus.com/bid/52681 60799 http://secunia.com/advisories/60799 80307 http://www.osvdb.org/80307 DSA-2438 http://www.debian.org/security/2012/dsa-2438 FEDORA-2012-4629 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html FEDORA-2012-4663 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2012:061 http://www.mandriva.com/security/advisories?name=MDVSA-2012:061 MDVSA-2012:062 http://www.mandriva.com/security/advisories?name=MDVSA-2012:062 MDVSA-2012:063 http://www.mandriva.com/security/advisories?name=MDVSA-2012:063 RHSA-2012:0410 http://rhn.redhat.com/errata/RHSA-2012-0410.html RHSA-2012:0411 http://rhn.redhat.com/errata/RHSA-2012-0411.html [openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E [oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) http://www.openwall.com/lists/oss-security/2012/03/27/4 http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/ http://librdf.org/raptor/RELEASE.html#rel2_0_7 http://vsecurity.com/resources/advisory/20120324-1/ http://www.libreoffice.org/advisories/CVE-2012-0037/ http://www.openoffice.org/security/cves/CVE-2012-0037.html https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0 openoffice-xml-info-disclosure(74235) https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.