Vulnerabilities > CVE-2009-2949 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
apache
canonical
debian
CWE-190
critical
nessus

Summary

Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-903-1.NASL
    descriptionIt was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. (CVE-2009-0217) Sebastian Apelt and Frank Reissner discovered that OpenOffice did not correctly import XPM and GIF images. If a user were tricked into opening a specially crafted image, an attacker could execute arbitrary code with user privileges. (CVE-2009-2949, CVE-2009-2950) Nicolas Joly discovered that OpenOffice did not correctly handle certain Word documents. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary code with user privileges. (CVE-2009-3301, CVE-2009-3302) It was discovered that OpenOffice did not correctly handle certain VBA macros correctly. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary macro commands, bypassing security controls. (CVE-2010-0136). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44912
    published2010-02-25
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44912
    titleUbuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : openoffice.org vulnerabilities (USN-903-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-1941.NASL
    description - Fri Feb 12 2010 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.12 - CVE-2009-2950 GIF file parsing heap overflow (caolanm) - CVE-2009-2949 integer overflow in XPM processing (caolanm) - CVE-2009-3301 .doc Table Parsing vulernability (caolanm) - CVE-2009-3302 .doc Table Parsing vulernability (caolanm) - Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon) - Resolves: rhbz#551983 OpenOffice writer crashes when opening document with link in footnote (dtardon) - Resolves: rhbz#550316 Openoffice.org Impress loses graphics when background color is changed (dtardon) - Resolves: rhbz#553929 [abrt] crash in ColorConfigCtrl_Impl::ScrollHdl (dtardon) - Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK colorspace (dtardon) - Resolves: rhbz#558342 [abrt] crash in SvxNumOptionsTabPage::InitControls (dtardon) - Tue Dec 15 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.11 - Resolves: rhbz#529648 add workspace.fwk132.patch - Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.10 - Resolves: rhbz#545783 add workspace.vcl105.patch (caolanm) - Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.9 - add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon) - Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the Spanish localized version of OOo (caolanm) - Tue Nov 10 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.8 - Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm) - Thu Nov 5 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.7 - Resolves: ooo#106523 fix pdf/A export on x86_64 (caolanm) - Thu Nov 5 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.6 - Resolves: rhbz#533146 calc notes go missing on save - Wed Oct 28 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.5 - Resolves: rhbz#531554 add workspace.chart41.patch - Wed Oct 21 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.4 - Resolves: rhbz#522839 crash on exit after loading .doc - Resolves: rhbz#529746 crash on exit after loading .ppt - Mon Sep 7 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.3 - Resolves: rhbz#521460 - wrong UI label for A3/A5 page sizes in translations - Wed Sep 2 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.2 - Resolves: rhbz#520772 copy/paste cockup - Fri Aug 28 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.1 - update to 3.1.1 - Resolves: rhbz#512355 add openoffice.org-3.1.0.ooo103651.canvas.nosubpixel.patc - add workspace.os132.patch to avoid switch html view overwrite horror - Resolves: rhbz#517843 add openoffice.org-3.1.1.ooo104306.moverecentlyused.patch - Resolves: rhbz#514683 add openoffice.org-3.1.1.ooo104329.dbaccess.primarykeys.pa tch - Resolves: rbhz#501141 Images and Frames disappear in sequential printing - backport workspace.vcl102.patch to fix xdg support - add workspace.cmcfixes62.patch for 64bit odbc goodness and rebuild against now 64bit-safe unixODBC headers - Thu Jul 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.0-11.5 [plus 13 lines in the Changelog] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47289
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47289
    titleFedora 11 : openoffice.org-3.1.1-19.12.fc11 (2010-1941)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2010-0101.NASL
    descriptionFrom Red Hat Security Advisory 2010:0101 : Updated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id67995
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67995
    titleOracle Linux 3 / 4 : openoffice.org (ELSA-2010-0101)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20100212_OPENOFFICE_ORG_ON_SL4_X.NASL
    descriptionCVE-2009-2950 openoffice.org: GIF file parsing heap overflow CVE-2009-2949 openoffice.org: integer overflow in XPM processing CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60732
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60732
    titleScientific Linux Security Update : openoffice.org on SL4.x i386/x86_64
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201408-19.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201408-19 (OpenOffice, LibreOffice: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file using OpenOffice, possibly resulting in execution of arbitrary code with the privileges of the process, a Denial of Service condition, execution of arbitrary Python code, authentication bypass, or reading and writing of arbitrary files. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id77467
    published2014-09-01
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77467
    titleGLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilities
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20100212_OPENOFFICE_ORG_ON_SL3_X.NASL
    descriptionCVE-2009-2950 openoffice.org: GIF file parsing heap overflow CVE-2009-2949 openoffice.org: integer overflow in XPM processing CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60731
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60731
    titleScientific Linux Security Update : openoffice.org on SL3.x i386/x86_64
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_OPENOFFICE_ORG-100211.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - CVE-2009-0217: XML signature weakness - CVE-2009-2949: XPM Import Integer Overflow - CVE-2009-2950: GIF Import Heap Overflow - CVE-2009-3301: MS Word sprmTDefTable Memory Corruption - CVE-2009-3302: MS Word sprmTDefTable Memory Corruption - CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings.
    last seen2020-06-01
    modified2020-06-02
    plugin id45071
    published2010-03-17
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/45071
    titleopenSUSE Security Update : OpenOffice_org (OpenOffice_org-1979)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20100212_OPENOFFICE_ORG_ON_SL5_X.NASL
    descriptionCVE-2009-2950 openoffice.org: GIF file parsing heap overflow CVE-2009-2949 openoffice.org: integer overflow in XPM processing CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60733
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60733
    titleScientific Linux Security Update : openoffice.org on SL5.x i386/x86_64
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1995.NASL
    descriptionSeveral vulnerabilities have been discovered in the OpenOffice.org office suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0136 It was discovered that macro security settings were insufficiently enforced for VBA macros. - CVE-2009-0217 It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This also affects the integrated libxmlsec library. - CVE-2009-2949 Sebastian Apelt discovered that an integer overflow in the XPM import code may lead to the execution of arbitrary code. - CVE-2009-2950 Sebastian Apelt and Frank Reissner discovered that a buffer overflow in the GIF import code may lead to the execution of arbitrary code. - CVE-2009-3301/ CVE-2009-3302 Nicolas Joly discovered multiple vulnerabilities in the parser for Word document files, which may lead to the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id44859
    published2010-02-24
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44859
    titleDebian DSA-1995-1 : openoffice.org - several vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_OPENOFFICE_ORG-6883.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - XML signature weakness CVE-2009-2949: XPM Import Integer Overflow CVE-2009-2950: GIF Import Heap Overflow CVE-2009-3301: MS Word sprmTDefTable Memory Corruption CVE-2009-3302: MS Word sprmTDefTable Memory Corruption CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings. (CVE-2009-0217) This also provides the maintenance update to OpenOffice.org-3.2.
    last seen2020-06-01
    modified2020-06-02
    plugin id51684
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51684
    titleSuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 6883)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_OPENOFFICE_ORG-6884.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - XML signature weakness CVE-2009-2949: XPM Import Integer Overflow CVE-2009-2950: GIF Import Heap Overflow CVE-2009-3301: MS Word sprmTDefTable Memory Corruption CVE-2009-3302: MS Word sprmTDefTable Memory Corruption CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings. (CVE-2009-0217) This also provides the maintenance update to OpenOffice.org-3.2.
    last seen2020-06-01
    modified2020-06-02
    plugin id51685
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51685
    titleSuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 6884)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2010-221.NASL
    descriptionMultiple vulnerabilities was discovered and corrected in the OpenOffice.org : Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow (CVE-2009-2949). Heap-based buffer overflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression (CVE-2009-2950). Integer underflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document (CVE-2009-3301). boundary error flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document (CVE-2009-3302). Lack of properly enforcing Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document (CVE-2010-0136). User-assisted remote attackers are able to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed (CVE-2010-0395). Impress module does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an integer truncation error (CVE-2010-2935). Integer overflow in the Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow (CVE-2010-2936). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90 This update provides OpenOffice.org packages have been patched to correct these issues and additional dependent packages.
    last seen2020-06-01
    modified2020-06-02
    plugin id50503
    published2010-11-07
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/50503
    titleMandriva Linux Security Advisory : openoffice.org (MDVSA-2010:221)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_OPENOFFICE_ORG-100225.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - XML signature weakness. (CVE-2009-0217) - XPM Import Integer Overflow. (CVE-2009-2949) - GIF Import Heap Overflow. (CVE-2009-2950) - MS Word sprmTDefTable Memory Corruption. (CVE-2009-3301) - MS Word sprmTDefTable Memory Corruption. (CVE-2009-3302) - In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings. (CVE-2010-0136) This also provides the maintenance update to OpenOffice.org-3.2. Details about all upstream changes can be found at http://development.openoffice.org/releases/3.2.0.html
    last seen2020-06-01
    modified2020-06-02
    plugin id51594
    published2011-01-21
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51594
    titleSuSE 11 Security Update : OpenOffice_org (SAT Patch Number 2080)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_OPENOFFICE_ORG-BASE-DRIVERS-POSTGRESQL-100211.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - CVE-2009-0217: XML signature weakness - CVE-2009-2949: XPM Import Integer Overflow - CVE-2009-2950: GIF Import Heap Overflow - CVE-2009-3301: MS Word sprmTDefTable Memory Corruption - CVE-2009-3302: MS Word sprmTDefTable Memory Corruption - CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings.
    last seen2020-06-01
    modified2020-06-02
    plugin id45073
    published2010-03-17
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/45073
    titleopenSUSE Security Update : OpenOffice_org-base-drivers-postgresql (OpenOffice_org-base-drivers-postgresql-1981)
  • NASL familyWindows
    NASL idOPENOFFICE_32.NASL
    descriptionThe version of Sun Microsystems OpenOffice.org installed on the remote host is prior to version 3.2. It is, therefore, affected by several issues : - Signatures may not be handled properly due to a vulnerability in the libxml2 library. (CVE-2006-4339) - There is an HMAC truncation authentication bypass vulnerability in the libxmlsec library. (CVE-2009-0217) - The application is bundled with a vulnerable version of the Microsoft VC++ runtime. (CVE-2009-2493) - Specially crafted XPM files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2949) - Specially crafted GIF files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2950) - Specially crafted Microsoft Word documents are not processed properly, which could lead to arbitrary code execution. (CVE-2009-3301 / CVE-2009-3302)
    last seen2020-06-01
    modified2020-06-02
    plugin id44597
    published2010-02-12
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44597
    titleSun OpenOffice.org < 3.2 Multiple Vulnerabilities
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2010-0101.NASL
    descriptionUpdated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id44598
    published2010-02-15
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44598
    titleCentOS 3 / 4 / 5 : openoffice.org (CESA-2010:0101)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_OPENOFFICE_ORG-100226.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - XML signature weakness. (CVE-2009-0217) - XPM Import Integer Overflow. (CVE-2009-2949) - GIF Import Heap Overflow. (CVE-2009-2950) - MS Word sprmTDefTable Memory Corruption. (CVE-2009-3301) - MS Word sprmTDefTable Memory Corruption. (CVE-2009-3302) - In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings. (CVE-2010-0136) This also provides the maintenance update to OpenOffice.org-3.2. Details about all upstream changes can be found at http://development.openoffice.org/releases/3.2.0.html
    last seen2020-06-01
    modified2020-06-02
    plugin id45064
    published2010-03-16
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/45064
    titleSuSE 11 Security Update : OpenOffice_org (SAT Patch Number 2080)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_OPENOFFICE_ORG-BASE-DRIVERS-POSTGRESQL-100216.NASL
    descriptionThis update of OpenOffice_org includes fixes for the following vulnerabilities : - CVE-2009-0217: XML signature weakness - CVE-2009-2949: XPM Import Integer Overflow - CVE-2009-2950: GIF Import Heap Overflow - CVE-2009-3301: MS Word sprmTDefTable Memory Corruption - CVE-2009-3302: MS Word sprmTDefTable Memory Corruption - CVE-2010-0136: In the ooo-build variant of OpenOffice_org VBA Macro support does not honor Macro security settings.
    last seen2020-06-01
    modified2020-06-02
    plugin id45075
    published2010-03-17
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/45075
    titleopenSUSE Security Update : OpenOffice_org-base-drivers-postgresql (OpenOffice_org-base-drivers-postgresql-1980)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-1847.NASL
    description - Fri Feb 12 2010 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.26 - CVE-2009-2950 GIF file parsing heap overflow (caolanm) - CVE-2009-2949 integer overflow in XPM processing (caolanm) - CVE-2009-3301 .doc Table Parsing vulernability (caolanm) - CVE-2009-3302 .doc Table Parsing vulernability (caolanm) - Resolves: rhbz#561778 openoffice.org-3.2.0.oooXXXXX.svx.safestyledelete.patc h - Resolves: rhbz#561989 openoffice.org-3.2.0.ooo109009.sc.tooltipcrash.patch - Resolves: rhbz#445588 improve same name substitution - Tue Feb 2 2010 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.25 - Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon) - Resolves: rhbz#551983 OpenOffice writer crashes when opening document with link in footnote (dtardon) - Resolves: rhbz#550316 Openoffice.org Impress loses graphics when background color is changed (dtardon) - Resolves: rhbz#554259 No autocorrect files for Lithuanian (dtardon) - Resolves: rhbz#553929 [abrt] crash in ColorConfigCtrl_Impl::ScrollHdl (dtardon) - Resolves: rhbz#549573 improve document compare (caolanm) - Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK colorspace (dtardon) - Resolves: rhbz#558342 [abrt] crash in SvxNumOptionsTabPage::InitControls (dtardon) - Resolves: ooo#108637/rhbz#558253 sfx2 uisavedir (caolanm) - Resolves: rhbz#560435 rtf dropcap crash (caolanm) - Resolves: rhbz#560996/rhbz#560353 qstartfixes (caolanm) - Tue Dec 22 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.24 - Resolves: rhbz#545824 bustage in writer with emboldened fonts - Fri Dec 18 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.23 - Resolves: rhbz#548512 workspace.ooo32gsl03.patch - Tue Dec 15 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.22 - Resolves: rhbz#529648 add workspace.fwk132.patch - Resolves: rhbz#547176 add openoffice.org-3.2.0.ooo47279.sd.objectsave.safe.patch - Wed Dec 9 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.21 - Resolves: rhbz#544124 add openoffice.org-3.2.0.ooo106502.svx.fixspelltimer.patch - Resolves: rhbz#544218 add openoffice.org-3.2.0.ooo107552.vcl.sft.patch - Resolves: rhbz#545783 add workspace.vcl105.patch - Fri Nov 27 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.20 - Resolves: rhbz#541222 add openoffice.org-3.2.0.ooo107260.dtrans.clipboard.shutdo wn.patch (caolanm) - Mon Nov 23 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.19 - Resolves: rhbz#540379/ooo#107131 impress tabledrag crash - Resolves: rhbz#540231 add openoffice.org-3.2.0.oooXXXXX.canvas.fixcolorspace.pat ch - add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon) - Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the Spanish localized version of OOo (caolanm) - Tue Nov 17 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.18 - Resolves: ooo#59648 sw .doc export scaling (caolanm) - Tue Nov 10 2009 Caolan McNamara <caolanm at redhat.com> - 1:3.1.1-19.17 - Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm) [plus 8 lines in the Changelog] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id47276
    published2010-07-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/47276
    titleFedora 12 : openoffice.org-3.1.1-19.26.fc12 (2010-1847)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2010-0101.NASL
    descriptionUpdated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. Note: This flaw affects embedded XPM files in OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949) An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302) A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially crafted document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw affects embedded GIF files in OpenOffice.org documents as well as stand-alone GIF files. (CVE-2009-2950) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id44605
    published2010-02-15
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44605
    titleRHEL 3 / 4 / 5 : openoffice.org (RHSA-2010:0101)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_C97D7A37223311DF96DD001B2134EF46.NASL
    descriptionOpenOffice.org Security Team reports : Fixed in OpenOffice.org 3.2 CVE-2006-4339: Potential vulnerability from 3rd party libxml2 libraries CVE-2009-0217: Potential vulnerability from 3rd party libxmlsec libraries CVE-2009-2493: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC Runtime CVE-2009-2949: Potential vulnerability related to XPM file processing CVE-2009-2950: Potential vulnerability related to GIF file processing CVE-2009-3301/2: Potential vulnerability related to MS-Word document processing
    last seen2020-06-01
    modified2020-06-02
    plugin id44922
    published2010-03-01
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44922
    titleFreeBSD : openoffice.org -- multiple vulnerabilities (c97d7a37-2233-11df-96dd-001b2134ef46)

Oval

accepted2013-04-29T04:02:42.148-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionInteger overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
familyunix
idoval:org.mitre.oval:def:10176
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleInteger overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
version27

Redhat

advisories
rhsa
idRHSA-2010:0101
rpms
  • openoffice.org-0:1.1.2-46.2.0.EL3
  • openoffice.org-0:1.1.5-10.6.0.7.EL4.3
  • openoffice.org-base-1:2.3.0-6.11.el5_4.4
  • openoffice.org-calc-1:2.3.0-6.11.el5_4.4
  • openoffice.org-core-1:2.3.0-6.11.el5_4.4
  • openoffice.org-debuginfo-0:1.1.2-46.2.0.EL3
  • openoffice.org-debuginfo-0:1.1.5-10.6.0.7.EL4.3
  • openoffice.org-debuginfo-1:2.3.0-6.11.el5_4.4
  • openoffice.org-draw-1:2.3.0-6.11.el5_4.4
  • openoffice.org-emailmerge-1:2.3.0-6.11.el5_4.4
  • openoffice.org-graphicfilter-1:2.3.0-6.11.el5_4.4
  • openoffice.org-headless-1:2.3.0-6.11.el5_4.4
  • openoffice.org-i18n-0:1.1.2-46.2.0.EL3
  • openoffice.org-i18n-0:1.1.5-10.6.0.7.EL4.3
  • openoffice.org-impress-1:2.3.0-6.11.el5_4.4
  • openoffice.org-javafilter-1:2.3.0-6.11.el5_4.4
  • openoffice.org-kde-0:1.1.5-10.6.0.7.EL4.3
  • openoffice.org-langpack-af_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ar-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-as_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-bg_BG-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-bn-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ca_ES-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-cs_CZ-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-cy_GB-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-da_DK-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-de-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-el_GR-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-es-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-et_EE-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-eu_ES-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-fi_FI-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-fr-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ga_IE-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-gl_ES-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-gu_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-he_IL-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-hi_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-hr_HR-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-hu_HU-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-it-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ja_JP-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-kn_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ko_KR-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-lt_LT-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ml_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-mr_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ms_MY-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-nb_NO-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-nl-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-nn_NO-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-nr_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-nso_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-or_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-pa_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-pl_PL-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-pt_BR-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-pt_PT-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ru-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-sk_SK-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-sl_SI-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-sr_CS-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ss_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-st_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-sv-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ta_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-te_IN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-th_TH-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-tn_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-tr_TR-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ts_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ur-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-ve_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-xh_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-zh_CN-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-zh_TW-1:2.3.0-6.11.el5_4.4
  • openoffice.org-langpack-zu_ZA-1:2.3.0-6.11.el5_4.4
  • openoffice.org-libs-0:1.1.2-46.2.0.EL3
  • openoffice.org-libs-0:1.1.5-10.6.0.7.EL4.3
  • openoffice.org-math-1:2.3.0-6.11.el5_4.4
  • openoffice.org-pyuno-1:2.3.0-6.11.el5_4.4
  • openoffice.org-sdk-1:2.3.0-6.11.el5_4.4
  • openoffice.org-sdk-doc-1:2.3.0-6.11.el5_4.4
  • openoffice.org-testtools-1:2.3.0-6.11.el5_4.4
  • openoffice.org-writer-1:2.3.0-6.11.el5_4.4
  • openoffice.org-xsltfilter-1:2.3.0-6.11.el5_4.4
  • openoffice.org2-base-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-calc-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-core-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-debuginfo-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-draw-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-emailmerge-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-graphicfilter-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-impress-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-javafilter-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-af_ZA-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ar-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-bg_BG-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-bn-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ca_ES-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-cs_CZ-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-cy_GB-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-da_DK-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-de-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-el_GR-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-es-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-et_EE-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-eu_ES-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-fi_FI-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-fr-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ga_IE-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-gl_ES-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-gu_IN-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-he_IL-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-hi_IN-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-hr_HR-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-hu_HU-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-it-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ja_JP-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ko_KR-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-lt_LT-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ms_MY-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-nb_NO-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-nl-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-nn_NO-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-pa_IN-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-pl_PL-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-pt_BR-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-pt_PT-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ru-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-sk_SK-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-sl_SI-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-sr_CS-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-sv-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-ta_IN-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-th_TH-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-tr_TR-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-zh_CN-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-zh_TW-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-langpack-zu_ZA-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-math-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-pyuno-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-testtools-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-writer-1:2.0.4-5.7.0.6.1.el4_8.3
  • openoffice.org2-xsltfilter-1:2.0.4-5.7.0.6.1.el4_8.3