Vulnerabilities > CVE-2008-3282 - Incorrect Conversion between Numeric Types vulnerability in multiple products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
apache
fedoraproject
CWE-681
nessus

Summary

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.

Vulnerable Configurations

Part Description Count
Application
Apache
1
OS
Fedoraproject
2

Nessus

  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-0835.NASL
    descriptionUpdated openoffice.org packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor, and a drawing program. A numeric truncation error was found in the OpenOffice.org memory allocator. If a carefully crafted file was opened by a victim, an attacker could use this flaw to crash OpenOffice.org or, possibly, execute arbitrary code. (CVE-2008-3282) All users of openoffice.org are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id43706
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43706
    titleCentOS 5 : openoffice.org (CESA-2008:0835)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0835 and 
    # CentOS Errata and Security Advisory 2008:0835 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43706);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2008-3282");
      script_bugtraq_id(30866);
      script_xref(name:"RHSA", value:"2008:0835");
    
      script_name(english:"CentOS 5 : openoffice.org (CESA-2008:0835)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated openoffice.org packages that fix a security issue are now
    available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    OpenOffice.org is an office productivity suite that includes desktop
    applications, such as a word processor, spreadsheet, presentation
    manager, formula editor, and a drawing program.
    
    A numeric truncation error was found in the OpenOffice.org memory
    allocator. If a carefully crafted file was opened by a victim, an
    attacker could use this flaw to crash OpenOffice.org or, possibly,
    execute arbitrary code. (CVE-2008-3282)
    
    All users of openoffice.org are advised to upgrade to these updated
    packages, which contain a backported patch to correct this issue."
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-August/015230.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3de21b57"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-August/015231.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?818be9a5"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openoffice.org packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-calc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-draw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-emailmerge");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-graphicfilter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-impress");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-javafilter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-af_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-as_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-bg_BG");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-bn");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ca_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-cs_CZ");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-cy_GB");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-da_DK");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-el_GR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-es");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-et_EE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-eu_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-fi_FI");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ga_IE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-gl_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-gu_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-he_IL");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-hi_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-hr_HR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-hu_HU");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ja_JP");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-kn_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ko_KR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-lt_LT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ml_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-mr_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ms_MY");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-nb_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-nn_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-nr_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-nso_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-or_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-pa_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-pl_PL");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-pt_PT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-sk_SK");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-sl_SI");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-sr_CS");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ss_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-st_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-sv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ta_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-te_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-th_TH");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-tn_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-tr_TR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ts_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ur");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-ve_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-xh_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-zh_TW");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-langpack-zu_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-math");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-pyuno");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-sdk-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-testtools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-writer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:openoffice.org-xsltfilter");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/08/29");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/08/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-base-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-calc-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-core-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-draw-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-emailmerge-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-graphicfilter-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-headless-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-impress-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-javafilter-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-af_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ar-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-as_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-bg_BG-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-bn-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ca_ES-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-cs_CZ-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-cy_GB-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-da_DK-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-de-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-el_GR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-es-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-et_EE-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-eu_ES-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-fi_FI-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-fr-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ga_IE-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-gl_ES-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-gu_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-he_IL-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-hi_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-hr_HR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-hu_HU-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-it-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ja_JP-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-kn_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ko_KR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-lt_LT-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ml_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-mr_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ms_MY-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-nb_NO-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-nl-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-nn_NO-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-nr_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-nso_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-or_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-pa_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-pl_PL-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-pt_BR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-pt_PT-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ru-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-sk_SK-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-sl_SI-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-sr_CS-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ss_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-st_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-sv-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ta_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-te_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-th_TH-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-tn_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-tr_TR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ts_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ur-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-ve_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-xh_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-zh_CN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-zh_TW-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-langpack-zu_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-math-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-pyuno-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-sdk-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-sdk-doc-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-testtools-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-writer-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"openoffice.org-xsltfilter-2.3.0-6.5.2.el5_2")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openoffice.org-base / openoffice.org-calc / openoffice.org-core / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-0835.NASL
    descriptionUpdated openoffice.org packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor, and a drawing program. A numeric truncation error was found in the OpenOffice.org memory allocator. If a carefully crafted file was opened by a victim, an attacker could use this flaw to crash OpenOffice.org or, possibly, execute arbitrary code. (CVE-2008-3282) All users of openoffice.org are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id34058
    published2008-08-28
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34058
    titleRHEL 5 : openoffice.org (RHSA-2008:0835)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:0835. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34058);
      script_version ("1.23");
      script_cvs_date("Date: 2019/10/25 13:36:13");
    
      script_cve_id("CVE-2008-3282");
      script_bugtraq_id(30866);
      script_xref(name:"RHSA", value:"2008:0835");
    
      script_name(english:"RHEL 5 : openoffice.org (RHSA-2008:0835)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated openoffice.org packages that fix a security issue are now
    available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    OpenOffice.org is an office productivity suite that includes desktop
    applications, such as a word processor, spreadsheet, presentation
    manager, formula editor, and a drawing program.
    
    A numeric truncation error was found in the OpenOffice.org memory
    allocator. If a carefully crafted file was opened by a victim, an
    attacker could use this flaw to crash OpenOffice.org or, possibly,
    execute arbitrary code. (CVE-2008-3282)
    
    All users of openoffice.org are advised to upgrade to these updated
    packages, which contain a backported patch to correct this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-3282"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2008:0835"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-calc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-draw");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-emailmerge");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-graphicfilter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-impress");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-javafilter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-af_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-as_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-bg_BG");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-bn");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ca_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-cs_CZ");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-cy_GB");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-da_DK");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-de");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-el_GR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-es");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-et_EE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-eu_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-fi_FI");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-fr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ga_IE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-gl_ES");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-gu_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-he_IL");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-hi_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-hr_HR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-hu_HU");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-it");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ja_JP");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-kn_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ko_KR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-lt_LT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ml_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-mr_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ms_MY");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-nb_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-nl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-nn_NO");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-nr_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-nso_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-or_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-pa_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-pl_PL");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-pt_BR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-pt_PT");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ru");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-sk_SK");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-sl_SI");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-sr_CS");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ss_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-st_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-sv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ta_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-te_IN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-th_TH");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-tn_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-tr_TR");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ts_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ur");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-ve_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-xh_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-zh_CN");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-zh_TW");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-langpack-zu_ZA");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-math");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-pyuno");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-sdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-sdk-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-testtools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-writer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openoffice.org-xsltfilter");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/08/29");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/08/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2008:0835";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-base-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-base-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-calc-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-calc-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-core-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-core-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-draw-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-draw-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-emailmerge-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-emailmerge-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-graphicfilter-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-graphicfilter-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-headless-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-headless-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-impress-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-impress-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-javafilter-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-javafilter-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-af_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-af_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ar-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ar-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-as_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-as_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-bg_BG-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-bg_BG-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-bn-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-bn-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ca_ES-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ca_ES-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-cs_CZ-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-cs_CZ-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-cy_GB-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-cy_GB-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-da_DK-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-da_DK-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-de-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-de-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-el_GR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-el_GR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-es-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-es-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-et_EE-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-et_EE-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-eu_ES-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-eu_ES-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-fi_FI-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-fi_FI-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-fr-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-fr-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ga_IE-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ga_IE-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-gl_ES-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-gl_ES-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-gu_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-gu_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-he_IL-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-he_IL-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-hi_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-hi_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-hr_HR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-hr_HR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-hu_HU-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-hu_HU-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-it-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-it-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ja_JP-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ja_JP-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-kn_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-kn_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ko_KR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ko_KR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-lt_LT-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-lt_LT-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ml_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ml_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-mr_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-mr_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ms_MY-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ms_MY-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-nb_NO-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-nb_NO-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-nl-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-nl-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-nn_NO-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-nn_NO-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-nr_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-nr_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-nso_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-nso_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-or_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-or_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-pa_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-pa_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-pl_PL-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-pl_PL-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-pt_BR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-pt_BR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-pt_PT-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-pt_PT-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ru-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ru-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-sk_SK-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-sk_SK-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-sl_SI-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-sl_SI-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-sr_CS-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-sr_CS-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ss_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ss_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-st_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-st_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-sv-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-sv-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ta_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ta_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-te_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-te_IN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-th_TH-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-th_TH-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-tn_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-tn_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-tr_TR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-tr_TR-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ts_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ts_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ur-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ur-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-ve_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-ve_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-xh_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-xh_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-zh_CN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-zh_CN-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-zh_TW-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-zh_TW-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-langpack-zu_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-langpack-zu_ZA-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-math-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-math-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-pyuno-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-pyuno-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-sdk-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-sdk-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-sdk-doc-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-sdk-doc-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-testtools-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-testtools-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-writer-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-writer-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"openoffice.org-xsltfilter-2.3.0-6.5.2.el5_2")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"openoffice.org-xsltfilter-2.3.0-6.5.2.el5_2")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openoffice.org-base / openoffice.org-calc / openoffice.org-core / etc");
      }
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20080827_OPENOFFICE_ORG_ON_SL5_X.NASL
    descriptionA numeric truncation error was found in the OpenOffice.org memory allocator. If a carefully crafted file was opened by a victim, an attacker could use this flaw to crash OpenOffice.org or, possibly, execute arbitrary code. (CVE-2008-3282)
    last seen2020-06-01
    modified2020-06-02
    plugin id60469
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60469
    titleScientific Linux Security Update : openoffice.org on SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60469);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:17");
    
      script_cve_id("CVE-2008-3282");
    
      script_name(english:"Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A numeric truncation error was found in the OpenOffice.org memory
    allocator. If a carefully crafted file was opened by a victim, an
    attacker could use this flaw to crash OpenOffice.org or, possibly,
    execute arbitrary code. (CVE-2008-3282)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0809&L=scientific-linux-errata&T=0&P=321
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5ce3bf2d"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"openoffice.org-base-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-calc-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-core-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-draw-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-emailmerge-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-graphicfilter-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-headless-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-impress-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-javafilter-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-af_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ar-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-as_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-bg_BG-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-bn-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ca_ES-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-cs_CZ-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-cy_GB-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-da_DK-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-de-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-el_GR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-es-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-et_EE-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-eu_ES-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-fi_FI-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-fr-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ga_IE-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-gl_ES-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-gu_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-he_IL-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-hi_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-hr_HR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-hu_HU-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-it-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ja_JP-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-kn_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ko_KR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-lt_LT-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ml_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-mr_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ms_MY-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-nb_NO-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-nl-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-nn_NO-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-nr_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-nso_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-or_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-pa_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-pl_PL-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-pt_BR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-pt_PT-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ru-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-sk_SK-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-sl_SI-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-sr_CS-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ss_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-st_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-sv-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ta_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-te_IN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-th_TH-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-tn_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-tr_TR-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ts_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ur-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-ve_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-xh_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-zh_CN-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-zh_TW-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-langpack-zu_ZA-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-math-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-pyuno-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-sdk-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-sdk-doc-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-testtools-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-writer-2.3.0-6.5.2.el5_2")) flag++;
    if (rpm_check(release:"SL5", reference:"openoffice.org-xsltfilter-2.3.0-6.5.2.el5_2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-7680.NASL
    descriptionResolves: CVE-2008-3282 numeric truncation error in 64bit OOo memory allocator An update to OpenOffice.org primarily to provide Serbian translations and support. Additional outstanding fixes for some crashes are provided as well. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34143
    published2008-09-10
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34143
    titleFedora 9 : openoffice.org-2.4.1-17.6.fc9 (2008-7680)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2008-7680.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34143);
      script_version ("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:28");
    
      script_cve_id("CVE-2008-3282");
      script_bugtraq_id(30866);
      script_xref(name:"FEDORA", value:"2008-7680");
    
      script_name(english:"Fedora 9 : openoffice.org-2.4.1-17.6.fc9 (2008-7680)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Resolves: CVE-2008-3282 numeric truncation error in 64bit OOo memory
    allocator An update to OpenOffice.org primarily to provide Serbian
    translations and support. Additional outstanding fixes for some
    crashes are provided as well.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=458056"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=460636"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2008-September/013651.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8e86ae9b"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected openoffice.org package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:openoffice.org");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/10");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC9", reference:"openoffice.org-2.4.1-17.6.fc9")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openoffice.org");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-7531.NASL
    descriptionResolves: CVE-2008-3282 numeric truncation error in 64bit OOo memory allocator Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34134
    published2008-09-10
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34134
    titleFedora 8 : openoffice.org-2.3.0-6.16.fc8 (2008-7531)

Oval

accepted2013-04-29T04:13:24.208-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionInteger overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
familyunix
idoval:org.mitre.oval:def:11345
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleInteger overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
version18

Redhat

advisories
bugzilla
id458056
titleCVE-2008-3282 openoffice.org: numeric truncation error in memory allocator (64bit)
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 5 is installed
      ovaloval:com.redhat.rhba:tst:20070331005
    • OR
      • AND
        • commentopenoffice.org-langpack-pl_PL is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835001
        • commentopenoffice.org-langpack-pl_PL is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069080
      • AND
        • commentopenoffice.org-langpack-sr_CS is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835003
        • commentopenoffice.org-langpack-sr_CS is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069088
      • AND
        • commentopenoffice.org-langpack-el_GR is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835005
        • commentopenoffice.org-langpack-el_GR is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069100
      • AND
        • commentopenoffice.org-calc is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835007
        • commentopenoffice.org-calc is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069130
      • AND
        • commentopenoffice.org-langpack-bg_BG is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835009
        • commentopenoffice.org-langpack-bg_BG is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069096
      • AND
        • commentopenoffice.org-langpack-nb_NO is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835011
        • commentopenoffice.org-langpack-nb_NO is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069006
      • AND
        • commentopenoffice.org-langpack-ms_MY is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835013
        • commentopenoffice.org-langpack-ms_MY is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069028
      • AND
        • commentopenoffice.org-langpack-sv is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835015
        • commentopenoffice.org-langpack-sv is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069120
      • AND
        • commentopenoffice.org-langpack-eu_ES is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835017
        • commentopenoffice.org-langpack-eu_ES is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069112
      • AND
        • commentopenoffice.org-langpack-st_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835019
        • commentopenoffice.org-langpack-st_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069122
      • AND
        • commentopenoffice.org-langpack-fi_FI is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835021
        • commentopenoffice.org-langpack-fi_FI is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069110
      • AND
        • commentopenoffice.org-langpack-fr is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835023
        • commentopenoffice.org-langpack-fr is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069032
      • AND
        • commentopenoffice.org-graphicfilter is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835025
        • commentopenoffice.org-graphicfilter is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069146
      • AND
        • commentopenoffice.org-base is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835027
        • commentopenoffice.org-base is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069038
      • AND
        • commentopenoffice.org-langpack-gl_ES is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835029
        • commentopenoffice.org-langpack-gl_ES is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069010
      • AND
        • commentopenoffice.org-langpack-es is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835031
        • commentopenoffice.org-langpack-es is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069116
      • AND
        • commentopenoffice.org-langpack-it is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835033
        • commentopenoffice.org-langpack-it is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069058
      • AND
        • commentopenoffice.org-langpack-ur is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835035
        • commentopenoffice.org-langpack-ur is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069108
      • AND
        • commentopenoffice.org-langpack-nl is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835037
        • commentopenoffice.org-langpack-nl is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069064
      • AND
        • commentopenoffice.org-langpack-tr_TR is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835039
        • commentopenoffice.org-langpack-tr_TR is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069002
      • AND
        • commentopenoffice.org-xsltfilter is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835041
        • commentopenoffice.org-xsltfilter is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069036
      • AND
        • commentopenoffice.org-langpack-et_EE is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835043
        • commentopenoffice.org-langpack-et_EE is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069054
      • AND
        • commentopenoffice.org-langpack-he_IL is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835045
        • commentopenoffice.org-langpack-he_IL is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069098
      • AND
        • commentopenoffice.org-langpack-kn_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835047
        • commentopenoffice.org-langpack-kn_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069128
      • AND
        • commentopenoffice.org-langpack-bn is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835049
        • commentopenoffice.org-langpack-bn is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069068
      • AND
        • commentopenoffice.org-langpack-ca_ES is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835051
        • commentopenoffice.org-langpack-ca_ES is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069022
      • AND
        • commentopenoffice.org-sdk-doc is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835053
        • commentopenoffice.org-sdk-doc is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080537215
      • AND
        • commentopenoffice.org-langpack-nn_NO is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835055
        • commentopenoffice.org-langpack-nn_NO is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069086
      • AND
        • commentopenoffice.org-langpack-tn_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835057
        • commentopenoffice.org-langpack-tn_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069048
      • AND
        • commentopenoffice.org-langpack-hr_HR is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835059
        • commentopenoffice.org-langpack-hr_HR is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069020
      • AND
        • commentopenoffice.org-langpack-ts_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835061
        • commentopenoffice.org-langpack-ts_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069114
      • AND
        • commentopenoffice.org-impress is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835063
        • commentopenoffice.org-impress is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069118
      • AND
        • commentopenoffice.org-langpack-ve_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835065
        • commentopenoffice.org-langpack-ve_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069144
      • AND
        • commentopenoffice.org-langpack-zu_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835067
        • commentopenoffice.org-langpack-zu_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069066
      • AND
        • commentopenoffice.org-langpack-th_TH is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835069
        • commentopenoffice.org-langpack-th_TH is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069092
      • AND
        • commentopenoffice.org-headless is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835071
        • commentopenoffice.org-headless is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080537235
      • AND
        • commentopenoffice.org-testtools is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835073
        • commentopenoffice.org-testtools is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069016
      • AND
        • commentopenoffice.org-langpack-zh_TW is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835075
        • commentopenoffice.org-langpack-zh_TW is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069076
      • AND
        • commentopenoffice.org-writer is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835077
        • commentopenoffice.org-writer is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069004
      • AND
        • commentopenoffice.org-langpack-ko_KR is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835079
        • commentopenoffice.org-langpack-ko_KR is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069030
      • AND
        • commentopenoffice.org-langpack-lt_LT is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835081
        • commentopenoffice.org-langpack-lt_LT is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069042
      • AND
        • commentopenoffice.org-langpack-hu_HU is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835083
        • commentopenoffice.org-langpack-hu_HU is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069018
      • AND
        • commentopenoffice.org-langpack-nr_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835085
        • commentopenoffice.org-langpack-nr_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069142
      • AND
        • commentopenoffice.org-langpack-cy_GB is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835087
        • commentopenoffice.org-langpack-cy_GB is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069034
      • AND
        • commentopenoffice.org-langpack-cs_CZ is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835089
        • commentopenoffice.org-langpack-cs_CZ is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069140
      • AND
        • commentopenoffice.org-langpack-te_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835091
        • commentopenoffice.org-langpack-te_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069052
      • AND
        • commentopenoffice.org-langpack-ml_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835093
        • commentopenoffice.org-langpack-ml_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069090
      • AND
        • commentopenoffice.org-pyuno is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835095
        • commentopenoffice.org-pyuno is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069094
      • AND
        • commentopenoffice.org-langpack-pt_BR is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835097
        • commentopenoffice.org-langpack-pt_BR is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069136
      • AND
        • commentopenoffice.org-langpack-af_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835099
        • commentopenoffice.org-langpack-af_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069102
      • AND
        • commentopenoffice.org-langpack-ru is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835101
        • commentopenoffice.org-langpack-ru is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069132
      • AND
        • commentopenoffice.org-langpack-or_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835103
        • commentopenoffice.org-langpack-or_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069106
      • AND
        • commentopenoffice.org-langpack-ta_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835105
        • commentopenoffice.org-langpack-ta_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069082
      • AND
        • commentopenoffice.org-langpack-pt_PT is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835107
        • commentopenoffice.org-langpack-pt_PT is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069060
      • AND
        • commentopenoffice.org-core is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835109
        • commentopenoffice.org-core is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069104
      • AND
        • commentopenoffice.org-langpack-sk_SK is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835111
        • commentopenoffice.org-langpack-sk_SK is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069134
      • AND
        • commentopenoffice.org-javafilter is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835113
        • commentopenoffice.org-javafilter is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069126
      • AND
        • commentopenoffice.org-math is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835115
        • commentopenoffice.org-math is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069024
      • AND
        • commentopenoffice.org-sdk is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835117
        • commentopenoffice.org-sdk is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20080537173
      • AND
        • commentopenoffice.org-langpack-ga_IE is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835119
        • commentopenoffice.org-langpack-ga_IE is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069014
      • AND
        • commentopenoffice.org-emailmerge is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835121
        • commentopenoffice.org-emailmerge is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069056
      • AND
        • commentopenoffice.org-langpack-hi_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835123
        • commentopenoffice.org-langpack-hi_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069138
      • AND
        • commentopenoffice.org-langpack-pa_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835125
        • commentopenoffice.org-langpack-pa_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069070
      • AND
        • commentopenoffice.org-langpack-da_DK is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835127
        • commentopenoffice.org-langpack-da_DK is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069084
      • AND
        • commentopenoffice.org-langpack-zh_CN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835129
        • commentopenoffice.org-langpack-zh_CN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069012
      • AND
        • commentopenoffice.org-langpack-ss_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835131
        • commentopenoffice.org-langpack-ss_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069008
      • AND
        • commentopenoffice.org-langpack-xh_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835133
        • commentopenoffice.org-langpack-xh_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069040
      • AND
        • commentopenoffice.org-langpack-ar is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835135
        • commentopenoffice.org-langpack-ar is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069072
      • AND
        • commentopenoffice.org-langpack-as_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835137
        • commentopenoffice.org-langpack-as_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069074
      • AND
        • commentopenoffice.org-langpack-ja_JP is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835139
        • commentopenoffice.org-langpack-ja_JP is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069046
      • AND
        • commentopenoffice.org-langpack-nso_ZA is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835141
        • commentopenoffice.org-langpack-nso_ZA is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069044
      • AND
        • commentopenoffice.org-langpack-mr_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835143
        • commentopenoffice.org-langpack-mr_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069050
      • AND
        • commentopenoffice.org-langpack-sl_SI is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835145
        • commentopenoffice.org-langpack-sl_SI is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069124
      • AND
        • commentopenoffice.org-langpack-gu_IN is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835147
        • commentopenoffice.org-langpack-gu_IN is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069026
      • AND
        • commentopenoffice.org-langpack-de is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835149
        • commentopenoffice.org-langpack-de is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069078
      • AND
        • commentopenoffice.org-draw is earlier than 1:2.3.0-6.5.2.el5_2
          ovaloval:com.redhat.rhsa:tst:20080835151
        • commentopenoffice.org-draw is signed with Red Hat redhatrelease key
          ovaloval:com.redhat.rhsa:tst:20070069062
rhsa
idRHSA-2008:0835
released2008-08-27
severityImportant
titleRHSA-2008:0835: openoffice.org security update (Important)
rpms
  • openoffice.org-base-1:2.3.0-6.5.2.el5_2
  • openoffice.org-calc-1:2.3.0-6.5.2.el5_2
  • openoffice.org-core-1:2.3.0-6.5.2.el5_2
  • openoffice.org-debuginfo-1:2.3.0-6.5.2.el5_2
  • openoffice.org-draw-1:2.3.0-6.5.2.el5_2
  • openoffice.org-emailmerge-1:2.3.0-6.5.2.el5_2
  • openoffice.org-graphicfilter-1:2.3.0-6.5.2.el5_2
  • openoffice.org-headless-1:2.3.0-6.5.2.el5_2
  • openoffice.org-impress-1:2.3.0-6.5.2.el5_2
  • openoffice.org-javafilter-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-af_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ar-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-as_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-bg_BG-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-bn-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ca_ES-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-cs_CZ-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-cy_GB-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-da_DK-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-de-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-el_GR-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-es-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-et_EE-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-eu_ES-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-fi_FI-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-fr-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ga_IE-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-gl_ES-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-gu_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-he_IL-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-hi_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-hr_HR-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-hu_HU-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-it-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ja_JP-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-kn_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ko_KR-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-lt_LT-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ml_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-mr_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ms_MY-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-nb_NO-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-nl-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-nn_NO-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-nr_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-nso_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-or_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-pa_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-pl_PL-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-pt_BR-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-pt_PT-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ru-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-sk_SK-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-sl_SI-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-sr_CS-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ss_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-st_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-sv-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ta_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-te_IN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-th_TH-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-tn_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-tr_TR-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ts_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ur-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-ve_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-xh_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-zh_CN-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-zh_TW-1:2.3.0-6.5.2.el5_2
  • openoffice.org-langpack-zu_ZA-1:2.3.0-6.5.2.el5_2
  • openoffice.org-math-1:2.3.0-6.5.2.el5_2
  • openoffice.org-pyuno-1:2.3.0-6.5.2.el5_2
  • openoffice.org-sdk-1:2.3.0-6.5.2.el5_2
  • openoffice.org-sdk-doc-1:2.3.0-6.5.2.el5_2
  • openoffice.org-testtools-1:2.3.0-6.5.2.el5_2
  • openoffice.org-writer-1:2.3.0-6.5.2.el5_2
  • openoffice.org-xsltfilter-1:2.3.0-6.5.2.el5_2

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 30866 CVE ID: CVE-2008-3282 CNCVE ID:CNCVE-20083282 OpenOffice是一款开源的办公文字处理应用程序。 OpenOffice内存分配中存在一个数字截断错误,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 sal/rtl/source/alloc_global.c中的rtl_allocateMemory()函数接受sal_Size n参数,在64位平台如x86_64上,sal_size定义为无符号长整数,请求的内存块大小之后以size (type sal_Size)内存对齐。size之后用于计算g_alloc_table[]数组的int索引: int index = (size - 1) &gt;&gt; RTL_MEMALIGN_SHIFT; 但是在64位平台上sizeof(int) == 4,sizeof(sal_Size) == 8,计算值不能匹配Index(这发生在当rtl_allocateMemory()调用超大参数时,如某些缺陷导致OpenOffice尝试使用负的大小分配内存块)。存储在index中的值被截断可造成index变负值。 在index使用之前,会对其是否超过固定上限进行检查,但是没有对其值是否&gt;= 0进行检查: if (index &lt; RTL_MEMORY_CACHED_LIMIT &gt;&gt; RTL_MEMALIGN_SHIFT) 用于g_alloc_table[index]的负索引会导致OpenOffice访问g_alloc_table[]数组之外的内存,这可导致应用程序崩溃,如果直至指向攻击者控制的内存,可导致以应用程序权限执行任意指令。 RedHat Enterprise Linux Optional Productivity Application 5 server RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client OpenOffice OpenOffice 2.4.1 OpenOffice OpenOffice 2.4 可参考如下安全公告获得补丁信息: <a href=http://www.openoffice.org/issues/show_bug.cgi?id=92217 target=_blank>http://www.openoffice.org/issues/show_bug.cgi?id=92217</a>
idSSV:3934
last seen2017-11-19
modified2008-08-28
published2008-08-28
reporterRoot
titleOpenOffice 'rtl_allocateMemory()'远程代码执行漏洞