Full Disclosure mailing list archives
rPSA-2007-0070-1 openoffice.org
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Mon, 09 Apr 2007 14:14:48 -0400
rPath Security Advisory: 2007-0070-1 Published: 2007-04-09 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: openoffice.org=/conary.rpath.com@rpl:devel//1/2.2-0.1-1 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 https://issues.rpath.com/browse/RPL-1118 Description: Previous versions of the openoffice.org package are vulnerable to two indirect code execution attacks, one when reading maliciously malformed StarCalc documents, and one when parsing maliciously crafted URIs. (Another vulnerability in libwpd was addressed separately, as libwpd is packaged separately in rPath Linux.) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2007-0070-1 openoffice.org rPath Update Announcements (Apr 09)