Impact
remote code execution
Solution
Please Install the Updated Packages.
Insight
OpenOffice_org was updated to add restrictions to SQL statements of Java-based databases to avoid the execution of native Java code by creating procedures. CVE-2007-4575
OpenOffice_org packages for SUSE Linux Enterprise Desktop 10 and openSUSE 10.3 were released last Thursday, packages for SUSE Linux 10.0, 10.1 and openSUSE 10.2 were released just today due to some build issues.
Affected
OpenOffice_org on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-4575 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities