Vulnerabilities > CVE-2012-0037 - XXE vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2012-061.NASL description An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0037). The updated packages have been patched to correct this issue. raptor2 for Mandriva Linux 2011 has been upgraded to the 2.0.7 version which is not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 58830 published 2012-04-23 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58830 title Mandriva Linux Security Advisory : raptor (MDVSA-2012:061) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2012:061. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(58830); script_version("1.9"); script_cvs_date("Date: 2019/08/02 13:32:54"); script_cve_id("CVE-2012-0037"); script_xref(name:"MDVSA", value:"2012:061"); script_name(english:"Mandriva Linux Security Advisory : raptor (MDVSA-2012:061)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0037). The updated packages have been patched to correct this issue. raptor2 for Mandriva Linux 2011 has been upgraded to the 2.0.7 version which is not vulnerable to this issue." ); script_set_attribute( attribute:"see_also", value:"http://www.libreoffice.org/advisories/CVE-2012-0037/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64raptor-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64raptor1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64raptor2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64raptor2_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libraptor-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libraptor1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libraptor2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libraptor2_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:raptor"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:raptor2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2011"); script_set_attribute(attribute:"patch_publication_date", value:"2012/04/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64raptor-devel-1.4.21-5.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64raptor1-1.4.21-5.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libraptor-devel-1.4.21-5.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libraptor1-1.4.21-5.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"raptor-1.4.21-5.1mdv2010.2", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64raptor-devel-1.4.21-5.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64raptor1-1.4.21-5.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64raptor2-devel-2.0.7-0.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"x86_64", reference:"lib64raptor2_0-2.0.7-0.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libraptor-devel-1.4.21-5.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libraptor1-1.4.21-5.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libraptor2-devel-2.0.7-0.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", cpu:"i386", reference:"libraptor2_0-2.0.7-0.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"raptor-1.4.21-5.1-mdv2011.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2011", reference:"raptor2-2.0.7-0.1-mdv2011.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0411.NASL description Updated openoffice.org packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. OpenOffice.org embeds a copy of Raptor, which provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If OpenOffice.org were to open a specially crafted file (such as an OpenDocument Format or OpenDocument Presentation file), it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running OpenOffice.org had access to. A bug in the way Raptor handled external entities could cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2012-0037) Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue. All OpenOffice.org users are advised to upgrade to these updated packages, which contain backported patches to correct this issue. All running instances of OpenOffice.org applications must be restarted for this update to take effect. last seen 2020-04-16 modified 2012-03-23 plugin id 58442 published 2012-03-23 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58442 title RHEL 5 : openoffice.org (RHSA-2012:0411) NASL family Windows NASL id OPENOFFICE_2012_0037.NASL description The remote host is running a version of OpenOffice.org that has flaws in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of local files into an ODF document without a user last seen 2020-06-01 modified 2020-06-02 plugin id 58727 published 2012-04-12 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58727 title OpenOffice XML External Entity RDF Document Handling Information Disclosure NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0411.NASL description Updated openoffice.org packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. OpenOffice.org embeds a copy of Raptor, which provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If OpenOffice.org were to open a specially crafted file (such as an OpenDocument Format or OpenDocument Presentation file), it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running OpenOffice.org had access to. A bug in the way Raptor handled external entities could cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2012-0037) Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue. All OpenOffice.org users are advised to upgrade to these updated packages, which contain backported patches to correct this issue. All running instances of OpenOffice.org applications must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 58458 published 2012-03-26 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58458 title CentOS 5 : openoffice.org (CESA-2012:0411) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1480-1.NASL description Timothy D. Morgan discovered that Raptor would unconditionally load XML external entities. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could possibly obtain access to arbitrary files on the user last seen 2020-06-01 modified 2020-06-02 plugin id 59567 published 2012-06-19 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59567 title Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : raptor vulnerability (USN-1480-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201408-19.NASL description The remote host is affected by the vulnerability described in GLSA-201408-19 (OpenOffice, LibreOffice: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file using OpenOffice, possibly resulting in execution of arbitrary code with the privileges of the process, a Denial of Service condition, execution of arbitrary Python code, authentication bypass, or reading and writing of arbitrary files. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77467 published 2014-09-01 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77467 title GLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1901-1.NASL description Timothy D. Morgan discovered that Raptor would unconditionally load XML external entities. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could possibly obtain access to arbitrary files on the user last seen 2020-06-01 modified 2020-06-02 plugin id 67206 published 2013-07-09 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67206 title Ubuntu 12.04 LTS : raptor2 vulnerability (USN-1901-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0410.NASL description From Red Hat Security Advisory 2012:0410 : Updated raptor packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Raptor provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037) Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue. All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68500 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68500 title Oracle Linux 6 : raptor (ELSA-2012-0410) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-183.NASL description - updated to libreoffice-3.4.5.5 (SUSE 3.4.5-rc3) : - extras - add SUSE color palette (fate#312645) - filters - crash when loading embedded elements (bnc#693238) - crash when importing an empty paragraph (rh#667082) - writer - do not use an invalidated iterator (fdo#46337) - updated to libreoffice-3.4.5.4 (SUSE 3.4.5-rc2) - calc - pie charts colors messed in XLS import (fdo#40320) - correctly import data point formats in data series (fdo#40320) - components - crash when parsing XML signatures (fdo#39657) - broken getDataArray (fdo#46165, fdo#38441, i#117010) - don last seen 2020-06-05 modified 2014-06-13 plugin id 74581 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74581 title openSUSE Security Update : libreoffice (openSUSE-SU-2012:0428-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0410.NASL description Updated raptor packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Raptor provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037) Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue. All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect. last seen 2020-04-16 modified 2012-03-23 plugin id 58441 published 2012-03-23 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58441 title RHEL 6 : raptor (RHSA-2012:0410) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2438.NASL description It was discovered that Raptor, a RDF parser and serializer library, allows file inclusion through XML entities, resulting in information disclosure. last seen 2020-03-17 modified 2012-03-23 plugin id 58436 published 2012-03-23 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58436 title Debian DSA-2438-1 : raptor - programming error NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_60F81AF3769011E1942300235A5F2C9A.NASL description Timothy D. Morgan reports : In December 2011, VSR identified a vulnerability in multiple open source office products (including OpenOffice, LibreOffice, KOffice, and AbiWord) due to unsafe interpretation of XML files with custom entity declarations. Deeper analysis revealed that the vulnerability was caused by acceptance of external entities by the libraptor library, which is used by librdf and is in turn used by these office products. In the context of office applications, these vulnerabilities could allow for XML External Entity (XXE) attacks resulting in file theft and a loss of user privacy when opening potentially malicious ODF documents. For other applications which depend on librdf or libraptor, potentially serious consequences could result from accepting RDF/XML content from untrusted sources, though the impact may vary widely depending on the context. last seen 2020-06-01 modified 2020-06-02 plugin id 58472 published 2012-03-26 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58472 title FreeBSD : raptor/raptor2 -- XXE in RDF/XML File Interpretation (60f81af3-7690-11e1-9423-00235a5f2c9a) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201209-05.NASL description The remote host is affected by the vulnerability described in GLSA-201209-05 (LibreOffice: Multiple vulnerabilities) Multiple vulnerabilities have been found in LibreOffice: The Microsoft Word Document parser contains an out-of-bounds read error (CVE-2011-2713). The Raptor RDF parser contains an XML External Entity expansion error (CVE-2012-0037). The graphic loading parser contains an integer overflow error which could cause a heap-based buffer overflow (CVE-2012-1149). Multiple errors in the XML manifest handling code could cause a heap-based buffer overflow (CVE-2012-2665). Impact : A remote attacker could entice a user to open a specially crafted document file using LibreOffice, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 62286 published 2012-09-25 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/62286 title GLSA-201209-05 : LibreOffice: Multiple vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2012-10590.NASL description This is new version of package that fixes CVE-2012-0037. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-07-31 plugin id 60157 published 2012-07-31 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60157 title Fedora 16 : raptor-1.4.21-12.fc16 (2012-10590) NASL family SuSE Local Security Checks NASL id SUSE_LIBREOFFICE-345-8022.NASL description LibreOffice 3.4.5 includes many fixes over the previous LibreOffice 3.4.2.6 update. The update fixes the following security issues : - 740453: Vulnerability in RDF handling. (CVE-2012-0037) - 752595: overflow in jpeg handling. (CVE-2012-1149) - 736146: buffer overflow in the build in icu copy (736146) This update also fixes the following non-security issues : Extras : - add SUSE color palette (fate#312645) Filters : - crash when loading embedded elements. (bnc#693238) - crash when importing an empty paragraph (rh#667082) - more on bentConnectors. (bnc#736495) - wrong text color in smartArt. (bnc#746996) - reading of w:textbox contents. (bnc#693388) - textbox position and size DOCX import (fdo#45560) - RTF/DOCX import of transparent frames. (bnc#695479) - consecutive frames in RTF/DOCX import. (bnc#703032) - handling of frame properties in RTF import. (bnc#417818) - force imported XLSX active tab to be shown. (bnc#748198) - create TableManager for inside shapes. (bnc#747471, bnc#693238) - textboxes import with OLE objects inside. (bnc#747471, bnc#693238) - table style. (bnc#705991) - text rotation fixes. (bnc#734734) - crash in PPTX import. (bnc#706792) - read w:sdt* contents. (bnc#705949) - connector shape fixes. (bnc#719989) - legacy fragment import. (bnc#699334) - non-working Excel macros. (bnc#705977) - free drawn curves import. (bnc#657909) - group shape transformations. (bnc#621739) - extLst of drawings in diagrams import. (bnc#655408) - flip properties of custom shapes import. (bnc#705985) - line spacing is used from previous values. (bnc#734734) - missing ooxml customshape->mso shape name entries. (bnc#737921) - word doesn last seen 2020-06-05 modified 2012-04-03 plugin id 58577 published 2012-04-03 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58577 title SuSE 10 Security Update : LibreOffice (ZYPP Patch Number 8022) NASL family Fedora Local Security Checks NASL id FEDORA_2012-4663.NASL description new raptor2-2.0.7 release highlights : - CVE-2012-0037 fixed - Removed Expat support - Removed internal Unicode NFC code for better and optional ICU - Added options for denying file requests and XML entity loading - Added options for SSL certificate verifying - Fixed reported issues: 0000448 and 0000469 See also http://librdf.org/raptor/RELEASE.html#rel2_0_7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-04-13 plugin id 58731 published 2012-04-13 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58731 title Fedora 16 : raptor2-2.0.7-1.fc16 (2012-4663) NASL family Fedora Local Security Checks NASL id FEDORA_2012-4629.NASL description new raptor2-2.0.7 release highlights : - CVE-2012-0037 fixed - Removed Expat support - Removed internal Unicode NFC code for better and optional ICU - Added options for denying file requests and XML entity loading - Added options for SSL certificate verifying - Fixed reported issues: 0000448 and 0000469 See also http://librdf.org/raptor/RELEASE.html#rel2_0_7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-04-12 plugin id 58696 published 2012-04-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58696 title Fedora 17 : raptor2-2.0.7-1.fc17 (2012-4629) NASL family Scientific Linux Local Security Checks NASL id SL_20120322_OPENOFFICE_ORG_ON_SL5_X.NASL description OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. OpenOffice.org embeds a copy of Raptor, which provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If OpenOffice.org were to open a specially crafted file (such as an OpenDocument Format or OpenDocument Presentation file), it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running OpenOffice.org had access to. A bug in the way Raptor handled external entities could cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2012-0037) All OpenOffice.org users are advised to upgrade to these updated packages, which contain backported patches to correct this issue. All running instances of OpenOffice.org applications must be restarted for this update to take effect. last seen 2020-03-18 modified 2012-08-01 plugin id 61287 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61287 title Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64 (20120322) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2012-063.NASL description An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0037). libreoffice for Mandriva Linux 2011 has been upgraded to the 3.4.6 version which is not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 61950 published 2012-09-06 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/61950 title Mandriva Linux Security Advisory : libreoffice (MDVSA-2012:063) NASL family MacOS X Local Security Checks NASL id MACOSX_LIBREOFFICE_351.NASL description The remote host is running a version of LibreOffice < 3.4.6 / 3.5.1 that has flaws in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of local files into an ODF document without a user last seen 2020-06-01 modified 2020-06-02 plugin id 58725 published 2012-04-12 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58725 title LibreOffice < 3.4.6 / 3.5.1 XML External Entity RDF Document Handling Information Disclosure (Mac OS X) NASL family Fedora Local Security Checks NASL id FEDORA_2012-10591.NASL description This is new version of package that fixes CVE-2012-0037. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-07-31 plugin id 60158 published 2012-07-31 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60158 title Fedora 17 : raptor-1.4.21-12.fc17 (2012-10591) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-187.NASL description - updated to libreoffice-3.4.5.4 (SUSE 3.4.5-rc2) - calc - pie charts colors messed in XLS import (fdo#40320) - correctly import data point formats in data series (fdo#40320) - components - crash when parsing XML signatures (fdo#39657) - broken getDataArray (fdo#46165, fdo#38441, i#117010) - don last seen 2020-06-05 modified 2014-06-13 plugin id 74584 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74584 title openSUSE Security Update : libreoffice (openSUSE-SU-2012:0433-1) NASL family Scientific Linux Local Security Checks NASL id SL_20120322_RAPTOR_ON_SL6_X.NASL description Raptor provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037) All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect. last seen 2020-03-18 modified 2012-08-01 plugin id 61288 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61288 title Scientific Linux Security Update : raptor on SL6.x i386/x86_64 (20120322) NASL family SuSE Local Security Checks NASL id SUSE_11_LIBRAPTOR-DEVEL-120217.NASL description Specially crafted XML files could have allowed XML External Entity (XXE) attacks resulting in file theft and a loss of user privacy. This has been fixed. last seen 2020-06-05 modified 2012-03-26 plugin id 58479 published 2012-03-26 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58479 title SuSE 11.1 Security Update : libraptor (SAT Patch Number 5836) NASL family Windows NASL id LIBREOFFICE_351.NASL description The remote host is running a version of LibreOffice < 3.4.6 / 3.5.1 that has flaws in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of local files into an ODF document without a user last seen 2020-06-01 modified 2020-06-02 plugin id 58726 published 2012-04-12 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58726 title LibreOffice < 3.4.6 / 3.5.1 XML External Entity RDF Document Handling Information Disclosure NASL family SuSE Local Security Checks NASL id SUSE_11_LIBREOFFICE-345-120316.NASL description The update fixes the following security issues : - 740453: Vulnerability in RDF handling. (CVE-2012-0037) - 752595: overflow in jpeg handling (CVE-2012-1149) This update also fixes the following non-security issues : Extras : - add SUSE color palette (fate#312645) Filters : - crash when loading embedded elements. (bnc#693238) - crash when importing an empty paragraph (rh#667082) - more on bentConnectors. (bnc#736495) - wrong text color in smartArt. (bnc#746996) - reading of w:textbox contents. (bnc#693388) - textbox position and size DOCX import (fdo#45560) - RTF/DOCX import of transparent frames. (bnc#695479) - consecutive frames in RTF/DOCX import. (bnc#703032) - handling of frame properties in RTF import. (bnc#417818) - force imported XLSX active tab to be shown. (bnc#748198) - create TableManager for inside shapes. (bnc#747471, bnc#693238) - textboxes import with OLE objects inside. (bnc#747471, bnc#693238) - table style. (bnc#705991) - text rotation fixes. (bnc#734734) - crash in PPTX import. (bnc#706792) - read w:sdt* contents. (bnc#705949) - connector shape fixes. (bnc#719989) - legacy fragment import. (bnc#699334) - non-working Excel macros. (bnc#705977) - free drawn curves import. (bnc#657909) - group shape transformations. (bnc#621739) - extLst of drawings in diagrams import. (bnc#655408) - flip properties of custom shapes import. (bnc#705985) - line spacing is used from previous values. (bnc#734734) - missing ooxml customshape->mso shape name entries. (bnc#737921) - word doesn last seen 2020-06-05 modified 2012-04-12 plugin id 58721 published 2012-04-12 reporter This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/58721 title SuSE 11.1 Security Update : LibreOffice (SAT Patch Number 6003) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0410.NASL description Updated raptor packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Raptor provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037) Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue. All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 58457 published 2012-03-26 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58457 title CentOS 6 : raptor (CESA-2012:0410) NASL family Windows NASL id LOTUS_SYMPHONY_3_0_1_FP2.NASL description The version of IBM Lotus Symphony is a version prior to 3.0.1 Fix Pack 2. Such versions are affected by multiple vulnerabilities : - Flaws exist in the way certain XML components are processed for external entities in ODF documents. These flaws can be utilized to access and inject the content of local files into an ODF document without a user last seen 2020-06-01 modified 2020-06-02 plugin id 63266 published 2012-12-14 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63266 title IBM Lotus Symphony < 3.0.1 Fix Pack 2 Multiple Vulnerabilities
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
Seebug
bulletinFamily | exploit |
description | Bugtraq ID: 52681 CVE ID:CVE-2012-0037 OpenOffice是一款开放源代码的文字处理系统 OpenOffice.org存在一个XML外部实体攻击,处理ODF文档中某些XML组件中的外部实体时存在漏洞,通过构建外部实体引用其他本地文件系统资源,攻击者可以无需用户交互把本地内容注入到ODF文档中,导致信息泄露 0 OpenOffice 3.4 Beta OpenOffice 3.3 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://www.openoffice.org/security/cves/CVE-2012-0037.html |
id | SSV:30216 |
last seen | 2017-11-19 |
modified | 2012-03-23 |
published | 2012-03-23 |
reporter | Root |
title | OpenOffice ODF文档信息泄露漏洞 |
References
- http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/
- http://librdf.org/raptor/RELEASE.html#rel2_0_7
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html
- http://rhn.redhat.com/errata/RHSA-2012-0410.html
- http://rhn.redhat.com/errata/RHSA-2012-0411.html
- http://secunia.com/advisories/48479
- http://secunia.com/advisories/48493
- http://secunia.com/advisories/48494
- http://secunia.com/advisories/48526
- http://secunia.com/advisories/48529
- http://secunia.com/advisories/48542
- http://secunia.com/advisories/48649
- http://secunia.com/advisories/50692
- http://secunia.com/advisories/60799
- http://security.gentoo.org/glsa/glsa-201209-05.xml
- http://vsecurity.com/resources/advisory/20120324-1/
- http://www.debian.org/security/2012/dsa-2438
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://www.libreoffice.org/advisories/CVE-2012-0037/
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:061
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:062
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:063
- http://www.openoffice.org/security/cves/CVE-2012-0037.html
- http://www.openwall.com/lists/oss-security/2012/03/27/4
- http://www.osvdb.org/80307
- http://www.securityfocus.com/bid/52681
- http://www.securitytracker.com/id?1026837
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
- https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0
- https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E
- http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/
- https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E
- https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
- http://www.securitytracker.com/id?1026837
- http://www.securityfocus.com/bid/52681
- http://www.osvdb.org/80307
- http://www.openwall.com/lists/oss-security/2012/03/27/4
- http://www.openoffice.org/security/cves/CVE-2012-0037.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:063
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:062
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:061
- http://www.libreoffice.org/advisories/CVE-2012-0037/
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://www.debian.org/security/2012/dsa-2438
- http://vsecurity.com/resources/advisory/20120324-1/
- http://security.gentoo.org/glsa/glsa-201209-05.xml
- http://secunia.com/advisories/60799
- http://secunia.com/advisories/50692
- http://secunia.com/advisories/48649
- http://secunia.com/advisories/48542
- http://secunia.com/advisories/48529
- http://secunia.com/advisories/48526
- http://secunia.com/advisories/48494
- http://secunia.com/advisories/48493
- http://secunia.com/advisories/48479
- http://rhn.redhat.com/errata/RHSA-2012-0411.html
- http://rhn.redhat.com/errata/RHSA-2012-0410.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html
- http://librdf.org/raptor/RELEASE.html#rel2_0_7