what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 2151-1

Debian Security Advisory 2151-1
Posted Jan 26, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2151-1 - Several security related problems have been discovered in the OpenOffice.org package that allows malformed documents to trick the system into crashes or even the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2010-3450, CVE-2010-3451, CVE-2010-3452, CVE-2010-3453, CVE-2010-3454, CVE-2010-3689, CVE-2010-4253, CVE-2010-4643
SHA-256 | 17dc16e850b0b68b6eb12c09418a09d62b2bc4ec50d33f8afa018d58fd095e77

Debian Security Advisory 2151-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 2151-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 26th, 2011 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : openoffice.org
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2010-3450 CVE-2010-3451 CVE-2010-3452 CVE-2010-3453
CVE-2010-3454 CVE-2010-3689 CVE-2010-4253 CVE-2010-4643

Several security related problems have been discovered in the
OpenOffice.org package that allows malformed documents to trick the
system into crashes or even the execution of arbitrary code.

CVE-2010-3450

During an internal security audit within Red Hat, a directory
traversal vulnerability has been discovered in the way
OpenOffice.org 3.1.1 through 3.2.1 processes XML filter files. If
a local user is tricked into opening a specially-crafted OOo XML
filters package file, this problem could allow remote attackers to
create or overwrite arbitrary files belonging to local user or,
potentially, execute arbitrary code.

CVE-2010-3451

During his work as a consultant at Virtual Security Research
(VSR), Dan Rosenberg discovered a vulnerability in
OpenOffice.org's RTF parsing functionality. Opening a maliciously
crafted RTF document can caus an out-of-bounds memory read into
previously allocated heap memory, which may lead to the execution
of arbitrary code.

CVE-2010-3452

Dan Rosenberg discovered a vulnerability in the RTF file parser
which can be leveraged by attackers to achieve arbitrary code
execution by convincing a victim to open a maliciously crafted RTF
file.

CVE-2010-3453

As part of his work with Virtual Security Research, Dan Rosenberg
discovered a vulnerability in the WW8ListManager::WW8ListManager()
function of OpenOffice.org that allows a maliciously crafted file
to cause the execution of arbitrary code.

CVE-2010-3454

As part of his work with Virtual Security Research, Dan Rosenberg
discovered a vulnerability in the WW8DopTypography::ReadFromMem()
function in OpenOffice.org that may be exploited by a maliciously
crafted file which allowins an attacker to control program flow
and potentially execute arbitrary code.

CVE-2010-3689

Dmitri Gribenko discovered that the soffice script does not treat
an empty LD_LIBRARY_PATH variable like an unset one, may lead to
the execution of arbitrary code.

CVE-2010-4253

A heap based buffer overflow has been discovered with unknown impact.

CVE-2010-4643

A vulnerability has been discovered in the way OpenOffice.org
handles TGA graphics which can be tricked by a specially crafted
TGA file that could cause the program to crash due to a heap-based
buffer overflow with unknown impact.


For the stable distribution (lenny) these problems have been fixed in
version 2.4.1+dfsg-1+lenny11.

For the upcoming stable distribution (squeeze) these problems have
been fixed in version 3.2.1-11+squeeze1.

For the unstable distribution (sid) these problems have been fixed in
version 3.2.1-11+squeeze1.

For the experimental distribution these problems have been fixed in
version 3.3.0~rc3-1.

We recommend that you upgrade your OpenOffice.org packages.


Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: [18]http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFNQEkOW5ql+IAeqTIRAp9GAJ0WTb4z3fzW9x3TK3aux2v/zWtIPQCfRdzx
+AX/hG1qBThFdf0f6k2SiMQ=
=O7sd
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close