Gentoo Security Advisory GLSA 200410-17 (openoffice) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200410-17.

Solution

All affected OpenOffice.org users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-office/openoffice-1.1.3' # emerge '>=app-office/openoffice-1.1.3' All affected OpenOffice.org binary users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-office/openoffice-bin-1.1.3' # emerge '>=app-office/openoffice-bin-1.1.3' All affected OpenOffice.org Ximian users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-office/openoffice-ximian-1.3.4' # emerge '>=app-office/openoffice-1.3.4' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200410-17 http://bugs.gentoo.org/show_bug.cgi?id=63556 http://www.openoffice.org/issues/show_bug.cgi?id=33357

Insight

OpenOffice.org uses insecure temporary files which could allow a malicious local user to gain knowledge of sensitive information from other users' documents.

Severity

Classification

CVE CVE-2004-0752

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Take action and discover your vulnerabilities