Mandriva Update For Openoffice.org MDKSA-2007:073 (openoffice.org) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. (CVE-2007-0239) Updated packages have been patched to correct these issues.

Affected

openoffice.org on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2007-0238, CVE-2007-0239

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:073 (sarg)
Mandrake Security Advisory MDVSA-2009:116 (gnutls)
Mandrake Security Advisory MDVSA-2009:005 (xterm)
Mandrake Security Advisory MDVSA-2009:106 (libwmf)
Mandrake Security Advisory MDVSA-2009:013 (mplayer)

Mandriva Update for openoffice.org MDKSA-2007:073 (openoffice.org)

Take action and discover your vulnerabilities