Test ID:	1.3.6.1.4.1.25623.1.0.59437
Category:	Fedora Local Security Checks
Title:	Fedora Core 5 FEDORA-2007-005 (openoffice.org)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to openoffice.org announced via advisory FEDORA-2007-005. OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. Usage: Simply type ooffice to run OpenOffice.org or select the requested component (Writer, Calc, Draw, Impress, etc.) from your desktop menu. On first start a few files will be installed in the user's home, if necessary. The OpenOffice.org team hopes you enjoy working with OpenOffice.org! Update Information: Rectifies an error patch condition where by corrupt wmf/emf files with out of bounds values in the emf/wmf file could enable an attacker by constructing a malicious file to execute arbitrary code if opened in OpenOffice by a victim. * Mon Dec 4 2006 Caolan McNamara - 1:2.0.2-5.20 - Resolves: rhbz#217347 openoffice.org-2.1.0.ooo70042.wmfoverflow.svtools.patch * Wed Sep 27 2006 Caolan McNamara - 1:2.0.2-5.19 - add openoffice.org-2.0.4.ooo69236.slideshow.esccrash.patch for rh#206177# - add openoffice.org-2.0.4.ooo63086.vcl.focusfollowsmouse.patch for rh#206051# * Tue Sep 5 2006 Caolan McNamara - 1:2.0.2-5.18 - add openoffice.org-2.0.3.ooo67740.xmlhelp.doublefree.patch - add openoffice.org-2.0.4.ooo69213.xmlhelp.db4.patch * Fri Jul 7 2006 Caolan McNamara - 1:2.0.2-5.17 - rh#197618# add openoffice.org-2.0.1.ooo64206.sfx2.saveas.patch - add openoffice.org.2.0.3.ooo66510.shell.recentlyused.patch to make ~ /.recently-used safe - add openoffice.org-2.0.3.rh187919.gtkunderkde.patch - rh#198603# gcc ate my office suite, add openoffice.org-2.0.3.gcc28357.binfilter.constcrash.patch - gcc#28370# I'm suspicious of these statics lately * Fri Jun 30 2006 Caolan McNamara - 1:2.0.2-5.16 - CVE-2006-2198 macro security - CVE-2006-2199 java applets - CVE-2006-3117 corrupt file format - rh#195637# add openoffice.org-2.0.3.ooo65519.printing.samba.patch - add openoffice.org.2.0.3-ooo66018.cppuhelper.dangerousvisibility.patch to fix visibility problem * Thu Jun 8 2006 Caolan McNamara - 1:2.0.2-5.13 - rh#193918# add openoffice.org.2.0.3.ooo66067.embeddedobj.crash.patch Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2007-005 Risk factor : High CVSS Score: 7.6
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2198 BugTraq ID: 18738 http://www.securityfocus.com/bid/18738 Bugtraq: 20060926 rPSA-2006-0173-1 openoffice.org (Google Search) http://www.securityfocus.com/archive/1/447035/100/0/threaded CERT/CC vulnerability note: VU#170113 http://www.kb.cert.org/vuls/id/170113 Debian Security Information: DSA-1104 (Google Search) http://www.debian.org/security/2006/dsa-1104 http://fedoranews.org/cms/node/2343 http://security.gentoo.org/glsa/glsa-200607-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082 http://www.redhat.com/support/errata/RHSA-2006-0573.html http://securitytracker.com/id?1016414 http://secunia.com/advisories/20867 http://secunia.com/advisories/20893 http://secunia.com/advisories/20910 http://secunia.com/advisories/20911 http://secunia.com/advisories/20913 http://secunia.com/advisories/20975 http://secunia.com/advisories/20995 http://secunia.com/advisories/21278 http://secunia.com/advisories/22129 http://secunia.com/advisories/23620 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1 SuSE Security Announcement: SUSE-SA:2006:040 (Google Search) http://www.novell.com/linux/security/advisories/2006_40_openoffice.html http://www.ubuntu.com/usn/usn-313-1 http://www.ubuntu.com/usn/usn-313-2 http://www.vupen.com/english/advisories/2006/2607 http://www.vupen.com/english/advisories/2006/2621 XForce ISS Database: openoffice-macro-code-execution(27564) https://exchange.xforce.ibmcloud.com/vulnerabilities/27564 Common Vulnerability Exposure (CVE) ID: CVE-2006-2199 BugTraq ID: 18737 http://www.securityfocus.com/bid/18737 CERT/CC vulnerability note: VU#243681 http://www.kb.cert.org/vuls/id/243681 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1 XForce ISS Database: openoffice-applet-sandbox-bypass(27569) https://exchange.xforce.ibmcloud.com/vulnerabilities/27569 Common Vulnerability Exposure (CVE) ID: CVE-2006-3117 BugTraq ID: 18739 http://www.securityfocus.com/bid/18739 http://www.ngssoftware.com/advisories/openoffice.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1 XForce ISS Database: openoffice-xml-document-bo(27571) https://exchange.xforce.ibmcloud.com/vulnerabilities/27571
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.