Vulnerabilities > CVE-2006-2199
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 | |
| Application | 3 |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2006-764.NASL description - CVE-2006-2198 macro security - CVE-2006-2199 java applets - CVE-2006-3117 corrupt file format more details at http://www.openoffice.org/security/bulletin-20060629.h tml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24137 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24137 title Fedora Core 4 : openoffice.org-2.0.1.1-7.1 (2006-764) NASL family Windows NASL id OPENOFFICE_ORG_203.NASL description The remote host is running a version of OpenOffice.org which is older than version 2.0.3. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have him open it. The file could be crafted in such a way that it could exploit a buffer overflow in OpenOffice.org last seen 2020-06-01 modified 2020-06-02 plugin id 21784 published 2006-06-30 reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21784 title OpenOffice < 2.0.3 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SA_2006_040.NASL description The remote host is missing the patch for the advisory SUSE-SA:2006:040 (OpenOffice_org). Following security problems were found and fixed in OpenOffice_org: - CVE-2006-2198: A security vulnerability in OpenOffice.org may make it possible to inject basic code into documents which is executed upon loading of the document. The user will not be asked or notified and the macro will have full access to system resources with current user last seen 2019-10-28 modified 2007-02-18 plugin id 24420 published 2007-02-18 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24420 title SUSE-SA:2006:040: OpenOffice_org NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2006-0573.NASL description Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A Sun security specialist reported an issue with the application framework. An attacker could put macros into document locations that could cause OpenOffice.org to execute them when the file was opened by a victim. (CVE-2006-2198) A bug was found in the OpenOffice.org Java virtual machine implementation. An attacker could write a carefully crafted Java applet that can break through the last seen 2020-06-01 modified 2020-06-02 plugin id 21916 published 2006-07-04 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21916 title RHEL 3 / 4 : openoffice.org (RHSA-2006:0573) NASL family SuSE Local Security Checks NASL id SUSE_OPENOFFICE_ORG-1698.NASL description Following security problems were found in OpenOffice_org : - CVE-2006-2198: A security vulnerability in OpenOffice.org may make it possible to inject basic code into documents which is executed upon loading of the document. The user will not be asked or notified and the macro will have full access to system resources with current user last seen 2020-06-01 modified 2020-06-02 plugin id 27134 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27134 title openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-1698) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2006-0573.NASL description Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A Sun security specialist reported an issue with the application framework. An attacker could put macros into document locations that could cause OpenOffice.org to execute them when the file was opened by a victim. (CVE-2006-2198) A bug was found in the OpenOffice.org Java virtual machine implementation. An attacker could write a carefully crafted Java applet that can break through the last seen 2020-06-01 modified 2020-06-02 plugin id 21906 published 2006-07-04 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21906 title CentOS 3 / 4 : openoffice.org (CESA-2006:0573) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200607-12.NASL description The remote host is affected by the vulnerability described in GLSA-200607-12 (OpenOffice.org: Multiple vulnerabilities) Internal security audits by OpenOffice.org have discovered three security vulnerabilities related to Java applets, macros and the XML file format parser. Specially crafted Java applets can break through the last seen 2020-06-01 modified 2020-06-02 plugin id 22120 published 2006-07-29 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22120 title GLSA-200607-12 : OpenOffice.org: Multiple vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2006-770.NASL description - CVE-2006-2198 macro security - CVE-2006-2199 java applets - CVE-2006-3117 corrupt file format more details at http://www.openoffice.org/security/bulletin-20060629.h tml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24139 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24139 title Fedora Core 5 : openoffice.org-2.0.2-5.16.2 (2006-770) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-313-1.NASL description It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about executing them. By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code (including local file access and modification) with the user last seen 2020-06-01 modified 2020-06-02 plugin id 27888 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/27888 title Ubuntu 5.04 / 6.06 LTS : openoffice.org-amd64, openoffice.org vulnerabilities (USN-313-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-313-2.NASL description USN-313-1 fixed several vulnerabilities in OpenOffice for Ubuntu 5.04 and Ubuntu 6.06 LTS. This followup advisory provides the corresponding update for Ubuntu 5.10. For reference, these are the details of the original USN : It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about executing them. By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code (including local file access and modification) with the user last seen 2020-06-01 modified 2020-06-02 plugin id 27889 published 2007-11-10 reporter Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27889 title Ubuntu 5.10 : openoffice.org2-amd64, openoffice.org2 vulnerabilities (USN-313-2) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1104.NASL description Loading malformed XML documents can cause buffer overflows in OpenOffice.org, a free office suite, and cause a denial of service or execute arbitrary code. It turned out that the correction in DSA 1104-1 was not sufficient, hence, another update. For completeness please find the original advisory text below : Several vulnerabilities have been discovered in OpenOffice.org, a free office suite. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2006-2198 It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction. - CVE-2006-2199 It is possible to evade the Java sandbox with specially crafted Java applets. - CVE-2006-3117 Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code. This update has the Mozilla component disabled, so that the Mozilla/LDAP addressbook feature won last seen 2020-06-01 modified 2020-06-02 plugin id 22646 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22646 title Debian DSA-1104-2 : openoffice.org - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2007-005.NASL description Rectifies an error patch condition where by corrupt wmf/emf files with out of bounds values in the emf/wmf file could enable an attacker by constructing a malicious file to execute arbitrary code if opened in OpenOffice by a victim. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24184 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24184 title Fedora Core 5 : openoffice.org-2.0.2-5.20.2 / Fedora Core 6 : openoffice.org-2.0.4-5.5.10 (2007-005) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2006-118.NASL description OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. (CVE-2006-2198) An unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. (CVE-2006-2199) Heap-based buffer overflow in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka last seen 2020-06-01 modified 2020-06-02 plugin id 22014 published 2006-07-10 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22014 title Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2006:118)
Oval
| accepted | 2013-04-29T04:13:21.438-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:11338 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. | ||||||||||||||||||||
| version | 27 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://fedoranews.org/cms/node/2343
- http://fedoranews.org/cms/node/2343
- http://secunia.com/advisories/20867
- http://secunia.com/advisories/20867
- http://secunia.com/advisories/20893
- http://secunia.com/advisories/20893
- http://secunia.com/advisories/20910
- http://secunia.com/advisories/20910
- http://secunia.com/advisories/20911
- http://secunia.com/advisories/20911
- http://secunia.com/advisories/20913
- http://secunia.com/advisories/20913
- http://secunia.com/advisories/20975
- http://secunia.com/advisories/20975
- http://secunia.com/advisories/20995
- http://secunia.com/advisories/20995
- http://secunia.com/advisories/21278
- http://secunia.com/advisories/21278
- http://secunia.com/advisories/23620
- http://secunia.com/advisories/23620
- http://security.gentoo.org/glsa/glsa-200607-12.xml
- http://security.gentoo.org/glsa/glsa-200607-12.xml
- http://securitytracker.com/id?1016414
- http://securitytracker.com/id?1016414
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1
- http://www.debian.org/security/2006/dsa-1104
- http://www.debian.org/security/2006/dsa-1104
- http://www.kb.cert.org/vuls/id/243681
- http://www.kb.cert.org/vuls/id/243681
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:118
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:118
- http://www.novell.com/linux/security/advisories/2006_40_openoffice.html
- http://www.novell.com/linux/security/advisories/2006_40_openoffice.html
- http://www.openoffice.org/security/CVE-2006-2199.html
- http://www.openoffice.org/security/CVE-2006-2199.html
- http://www.redhat.com/support/errata/RHSA-2006-0573.html
- http://www.redhat.com/support/errata/RHSA-2006-0573.html
- http://www.securityfocus.com/archive/1/447035/100/0/threaded
- http://www.securityfocus.com/archive/1/447035/100/0/threaded
- http://www.securityfocus.com/bid/18737
- http://www.securityfocus.com/bid/18737
- http://www.ubuntu.com/usn/usn-313-1
- http://www.ubuntu.com/usn/usn-313-1
- http://www.ubuntu.com/usn/usn-313-2
- http://www.ubuntu.com/usn/usn-313-2
- http://www.vupen.com/english/advisories/2006/2607
- http://www.vupen.com/english/advisories/2006/2607
- http://www.vupen.com/english/advisories/2006/2621
- http://www.vupen.com/english/advisories/2006/2621
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27569
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27569
- https://issues.rpath.com/browse/RPL-475
- https://issues.rpath.com/browse/RPL-475
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338