Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15575
HistoryJan 04, 2007 - 12:00 a.m.

openoffice.org security update

2007-01-0400:00:00
vulners.com
13
JSON

Important: openoffice.org security update
Advisory: RHSA-2007:0001-3
Type: Security Advisory
Severity: Important
Issued on: 2007-01-03
Last updated on: 2007-01-03
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20070001.xml
CVEs (cve.mitre.org): CVE-2006-5870

Details

Updated openoffice.org packages are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

OpenOffice.org is an office productivity suite that includes desktop
applications such as a word processor, spreadsheet, presentation manager,
formula editor, and drawing program.

Several integer overflow bugs were found in the OpenOffice.org WMF file
processor. An attacker could create a carefully crafted WMF file that could
cause OpenOffice.org to execute arbitrary code when the file was opened by
a victim. (CVE-2006-5870)

All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported fix for this issue.

Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages
Red Hat Desktop (v. 3)
SRPMS:
openoffice.org-1.1.2-35.2.0.EL3.src.rpm 6f3069cdf173a36929aee9e6ebdb8440

IA-32:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

x86_64:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

Red Hat Desktop (v. 4)
SRPMS:
openoffice.org-1.1.5-6.6.0.EL4.src.rpm eeb08699ea4be24272fcfd9f2eff47c5

IA-32:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-kde-1.1.5-6.6.0.EL4.i386.rpm 1bbd8c3f838532b55b9892d274e617e2
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

x86_64:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

Red Hat Enterprise Linux AS (v. 3)
SRPMS:
openoffice.org-1.1.2-35.2.0.EL3.src.rpm 6f3069cdf173a36929aee9e6ebdb8440

IA-32:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

x86_64:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

Red Hat Enterprise Linux AS (v. 4)
SRPMS:
openoffice.org-1.1.5-6.6.0.EL4.src.rpm eeb08699ea4be24272fcfd9f2eff47c5

IA-32:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-kde-1.1.5-6.6.0.EL4.i386.rpm 1bbd8c3f838532b55b9892d274e617e2
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

PPC:
openoffice.org-1.1.5-6.6.0.EL4.ppc.rpm 8dea40bdabbaa3013c3c447f1f466001
openoffice.org-i18n-1.1.5-6.6.0.EL4.ppc.rpm 1e2b701f707f804be099a9e067a55bea
openoffice.org-kde-1.1.5-6.6.0.EL4.ppc.rpm 5278629cd13d0a377ba93eb2ac1d0219
openoffice.org-libs-1.1.5-6.6.0.EL4.ppc.rpm 0df62d4ee6939cf2f55cb6f3ff1fb8ca

x86_64:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

Red Hat Enterprise Linux ES (v. 3)
SRPMS:
openoffice.org-1.1.2-35.2.0.EL3.src.rpm 6f3069cdf173a36929aee9e6ebdb8440

IA-32:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

x86_64:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

Red Hat Enterprise Linux ES (v. 4)
SRPMS:
openoffice.org-1.1.5-6.6.0.EL4.src.rpm eeb08699ea4be24272fcfd9f2eff47c5

IA-32:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-kde-1.1.5-6.6.0.EL4.i386.rpm 1bbd8c3f838532b55b9892d274e617e2
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

x86_64:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

Red Hat Enterprise Linux WS (v. 3)
SRPMS:
openoffice.org-1.1.2-35.2.0.EL3.src.rpm 6f3069cdf173a36929aee9e6ebdb8440

IA-32:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

x86_64:
openoffice.org-1.1.2-35.2.0.EL3.i386.rpm ea2830df835325f459fa0ef8f344ba58
openoffice.org-i18n-1.1.2-35.2.0.EL3.i386.rpm e07b9cf11b115ad8de8ec029262bad73
openoffice.org-libs-1.1.2-35.2.0.EL3.i386.rpm b3be91bc84e9eb02e40b7a293db9a444

Red Hat Enterprise Linux WS (v. 4)
SRPMS:
openoffice.org-1.1.5-6.6.0.EL4.src.rpm eeb08699ea4be24272fcfd9f2eff47c5

IA-32:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-kde-1.1.5-6.6.0.EL4.i386.rpm 1bbd8c3f838532b55b9892d274e617e2
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

x86_64:
openoffice.org-1.1.5-6.6.0.EL4.i386.rpm f91fe90ea39081d4c7032d043fab560c
openoffice.org-i18n-1.1.5-6.6.0.EL4.i386.rpm 88fdb1893621ab64839d69e905f58b53
openoffice.org-libs-1.1.5-6.6.0.EL4.i386.rpm c38f19182c1e17e383e81b31bca47101

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

217347 - CVE-2006-5870 WMF heap overflow

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5870
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is [email protected]. More contact details at http://www.redhat.com/security/team/contact/

Related

nessus 27
openvas 6
osv 1
redhat 1
suse 1
gentoo 1
cve 1
ubuntucve 1
centos 1
ubuntu 1
cert 1
debian 1
oraclelinux 1
nessus
nessus
Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:006)
2007-02-18 00:00:00
RHEL 3 / 4 : openoffice.org (RHSA-2007:0001)
2007-01-08 00:00:00
SUSE-SA:2007:001: OpenOffice_org
2007-02-18 00:00:00
openvas
openvas
SuSE Update for OpenOffice_org SUSE-SA:2007:001
2009-01-28 00:00:00
Mandriva Update for openoffice.org MDKSA-2007:006 (openoffice.org)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200701-07 (openoffice)
2008-09-24 00:00:00
osv
osv
openoffice.org
2007-01-08 00:00:00
redhat
redhat
(RHSA-2007:0001) Important: openoffice.org security update
2007-01-03 00:00:00
suse
suse
code execution in OpenOffice_org
2007-01-04 17:19:07
gentoo
gentoo
OpenOffice.org: EMF/WMF file handling vulnerabilities
2007-01-12 00:00:00
cve
cve
CVE-2006-5870
2006-12-31 05:00:00
ubuntucve
ubuntucve
CVE-2006-5870
2006-12-31 00:00:00
centos
centos
openoffice.org security update
2007-01-04 14:55:30
ubuntu
ubuntu
OpenOffice.org vulnerability
2007-01-12 00:00:00
cert
cert
OpenOffice fails to properly process WMF and EMF files
2007-01-05 00:00:00
debian
debian
[SECURITY] [DSA 1246-1] New OpenOffice.org packages fix arbitrary code execution
2007-01-08 15:37:35
oraclelinux
oraclelinux
Important openoffice.org security update
2007-01-05 00:00:00
JSON
Related for SECURITYVULNS:DOC:15575
nessus27openvas6osv1redhat1suse1gentoo1cve1ubuntucve1centos1ubuntu1cert1debian1oraclelinux1