Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:13500
[Rus]
Version
10
Class
patch
ALTXid
27751
Language
English
Severity
NotAvailable
Title
USN-903-1 -- openoffice.org vulnerabilities
Description
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. Sebastian Apelt and Frank Reißner discovered that OpenOffice did not correctly import XPM and GIF images. If a user were tricked into opening a specially crafted image, an attacker could execute arbitrary code with user privileges. Nicolas Joly discovered that OpenOffice did not correctly handle certain Word documents. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary code with user privileges. It was discovered that OpenOffice did not correctly handle certain VBA macros correctly. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary macro commands, bypassing security controls
Family
unix
Platform
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
Product
openoffice.org
Reference
VENDOR: USN-903-1
VENDOR: USN-903-1
Id:
USN-903-1
Reference:
https://usn.ubuntu.com/usn/usn-903-1
CVE: CVE-2010-0136
CVE: CVE-2010-0136
Id:
CVE-2010-0136
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0136
Comment
: OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
77 (Improper Neutralization of Special Elements used in a Command ('Command Injection'))
References:
38245 (BID)
1023588 (SECTRACK)
DSA-1995 (DEBIAN)
USN-903-1 (UBUNTU)
38695 (SECUNIA)
SUSE-SA:2010:017 (SUSE)
ADV-2010-0635 (VUPEN)
38921 (SECUNIA)
ADV-2010-2905 (VUPEN)
MDVSA-2010:221 (MANDRIVA)
[debian-openoffice] 20100212 ./packages/openofficeorg/3.1.1/unstable r1866: merge 1:3.1.1-15+squeeze1 ()
CVE: CVE-2009-3302
CVE: CVE-2009-3302
Id:
CVE-2009-3302
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302
Comment
: filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
94 (Improper Control of Generation of Code ('Code Injection'))
References:
DSA-1995 (DEBIAN)
38568 (SECUNIA)
ADV-2010-0366 (VUPEN)
38567 (SECUNIA)
http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=533043 (CONFIRM)
1023591 (SECTRACK)
RHSA-2010:0101 (REDHAT)
38218 (BID)
http://www.openoffice.org/security/bulletin.html (CONFIRM)
38695 (SECUNIA)
USN-903-1 (UBUNTU)
SUSE-SA:2010:017 (SUSE)
38921 (SECUNIA)
ADV-2010-0635 (VUPEN)
ADV-2010-2905 (VUPEN)
TA10-287A (CERT)
MDVSA-2010:221 (MANDRIVA)
GLSA-201408-19 (GENTOO)
60799 (SECUNIA)
41818 (SECUNIA)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
openoffice-word-sprmtsetbrc-bo(56241) (XF)
oval:org.mitre.oval:def:10022 (OVAL)
CVE: CVE-2009-3301
CVE: CVE-2009-3301
Id:
CVE-2009-3301
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301
Comment
: Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
191 (Integer Underflow (Wrap or Wraparound))
References:
https://bugzilla.redhat.com/show_bug.cgi?id=533038 (CONFIRM)
1023591 (SECTRACK)
RHSA-2010:0101 (REDHAT)
ADV-2010-0366 (VUPEN)
http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html (CONFIRM)
DSA-1995 (DEBIAN)
38568 (SECUNIA)
38218 (BID)
http://www.openoffice.org/security/bulletin.html (CONFIRM)
38567 (SECUNIA)
USN-903-1 (UBUNTU)
38695 (SECUNIA)
38921 (SECUNIA)
SUSE-SA:2010:017 (SUSE)
ADV-2010-0635 (VUPEN)
ADV-2010-2905 (VUPEN)
MDVSA-2010:221 (MANDRIVA)
TA10-287A (CERT)
GLSA-201408-19 (GENTOO)
60799 (SECUNIA)
41818 (SECUNIA)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
openoffice-word-sprmtdeftable-bo(56240) (XF)
oval:org.mitre.oval:def:10423 (OVAL)
CVE: CVE-2009-2950
CVE: CVE-2009-2950
Id:
CVE-2009-2950
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950
Comment
: Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
787 (Out-of-bounds Write)
References:
http://www.openoffice.org/security/bulletin.html (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=527512 (CONFIRM)
38567 (SECUNIA)
1023591 (SECTRACK)
38218 (BID)
ADV-2010-0366 (VUPEN)
RHSA-2010:0101 (REDHAT)
http://www.openoffice.org/security/cves/CVE-2009-2950.html (CONFIRM)
DSA-1995 (DEBIAN)
38568 (SECUNIA)
USN-903-1 (UBUNTU)
38695 (SECUNIA)
SUSE-SA:2010:017 (SUSE)
38921 (SECUNIA)
ADV-2010-0635 (VUPEN)
MDVSA-2010:221 (MANDRIVA)
TA10-287A (CERT)
ADV-2010-2905 (VUPEN)
GLSA-201408-19 (GENTOO)
60799 (SECUNIA)
41818 (SECUNIA)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
openoffice-gif-bo(56238) (XF)
oval:org.mitre.oval:def:11050 (OVAL)
CVE: CVE-2009-2949
CVE: CVE-2009-2949
Id:
CVE-2009-2949
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949
Comment
: Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
CVSSv2 Score:
9.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
COMPLETE
Integrity impact:
COMPLETE
Availability impact:
COMPLETE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE:
190 (Integer Overflow or Wraparound)
References:
DSA-1995 (DEBIAN)
38218 (BID)
1023591 (SECTRACK)
http://www.openoffice.org/security/bulletin.html (CONFIRM)
ADV-2010-0366 (VUPEN)
http://www.openoffice.org/security/cves/CVE-2009-2949.html (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=527540 (CONFIRM)
38568 (SECUNIA)
RHSA-2010:0101 (REDHAT)
38567 (SECUNIA)
USN-903-1 (UBUNTU)
38695 (SECUNIA)
ADV-2010-0635 (VUPEN)
SUSE-SA:2010:017 (SUSE)
38921 (SECUNIA)
ADV-2010-2905 (VUPEN)
MDVSA-2010:221 (MANDRIVA)
TA10-287A (CERT)
GLSA-201408-19 (GENTOO)
60799 (SECUNIA)
41818 (SECUNIA)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
openoffice-xpm-bo(56236) (XF)
oval:org.mitre.oval:def:10176 (OVAL)
CVE: CVE-2009-0217
CVE: CVE-2009-0217
Id:
CVE-2009-0217
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
Comment
: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE:
CWE-Other ()
References:
http://blogs.sun.com/security/entry/cert_vulnerability_note_vu_466161 (CONFIRM)
http://git.gnome.org/cgit/xmlsec/commit/?id=34b349675af9f72eb822837a8772cc1ead7115c7 (CONFIRM)
http://git.gnome.org/cgit/xmlsec/patch/?id=34b349675af9f72eb822837a8772cc1ead7115c7 (CONFIRM)
APPLE-SA-2009-09-03-1 (APPLE)
SUSE-SA:2009:053 (SUSE)
SUSE-SA:2010:017 (SUSE)
HPSBUX02476 (HP)
55895 (OSVDB)
55907 (OSVDB)
34461 (SECUNIA)
35776 (SECUNIA)
35852 (SECUNIA)
35853 (SECUNIA)
35854 (SECUNIA)
35855 (SECUNIA)
35858 (SECUNIA)
36162 (SECUNIA)
36176 (SECUNIA)
36180 (SECUNIA)
36494 (SECUNIA)
37300 (SECUNIA)
37671 (SECUNIA)
37841 (SECUNIA)
38567 (SECUNIA)
38568 (SECUNIA)
38695 (SECUNIA)
38921 (SECUNIA)
41818 (SECUNIA)
60799 (SECUNIA)
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1 (CONFIRM)
263429 (SUNALERT)
269208 (SUNALERT)
1020710 (SUNALERT)
http://svn.apache.org/viewvc?revision=794013&view=revision (CONFIRM)
PK80596 (AIXAPAR)
PK80627 (AIXAPAR)
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21384925 (CONFIRM)
http://www.aleksey.com/xmlsec/ (CONFIRM)
DSA-1995 (DEBIAN)
GLSA-201408-19 (GENTOO)
VU#466161 (CERT-VN)
http://www.kb.cert.org/vuls/id/MAPG-7TSKXQ (CONFIRM)
http://www.kb.cert.org/vuls/id/WDON-7TY529 (CONFIRM)
MDVSA-2009:209 (MANDRIVA)
http://www.mono-project.com/Vulnerabilities (CONFIRM)
http://www.openoffice.org/security/cves/CVE-2009-0217.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
RHSA-2009:1694 (REDHAT)
35671 (BID)
1022561 (SECTRACK)
1022567 (SECTRACK)
1022661 (SECTRACK)
USN-903-1 (UBUNTU)
TA09-294A (CERT)
TA10-159B (CERT)
ADV-2009-1900 (VUPEN)
ADV-2009-1908 (VUPEN)
ADV-2009-1909 (VUPEN)
ADV-2009-1911 (VUPEN)
ADV-2009-2543 (VUPEN)
ADV-2009-3122 (VUPEN)
ADV-2010-0366 (VUPEN)
ADV-2010-0635 (VUPEN)
http://www.w3.org/2008/06/xmldsigcore-errata.html#e03 (CONFIRM)
http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html (MISC)
https://bugzilla.redhat.com/show_bug.cgi?id=511915 (CONFIRM)
MS10-041 (MS)
https://issues.apache.org/bugzilla/show_bug.cgi?id=47526 (CONFIRM)
https://issues.apache.org/bugzilla/show_bug.cgi?id=47527 (CONFIRM)
oval:org.mitre.oval:def:10186 (OVAL)
oval:org.mitre.oval:def:7158 (OVAL)
oval:org.mitre.oval:def:8717 (OVAL)
RHSA-2009:1200 (REDHAT)
RHSA-2009:1201 (REDHAT)
RHSA-2009:1428 (REDHAT)
RHSA-2009:1636 (REDHAT)
RHSA-2009:1637 (REDHAT)
RHSA-2009:1649 (REDHAT)
RHSA-2009:1650 (REDHAT)
USN-826-1 (UBUNTU)
FEDORA-2009-8329 (FEDORA)
FEDORA-2009-8337 (FEDORA)
FEDORA-2009-8456 (FEDORA)
FEDORA-2009-8473 (FEDORA)
Content available only for registered users!
ovaldb@altx-soft.com