diff options
| author | miwi <miwi@FreeBSD.org> | 2008-11-30 00:16:01 +0800 |
|---|---|---|
| committer | miwi <miwi@FreeBSD.org> | 2008-11-30 00:16:01 +0800 |
| commit | d6e601ca7b1830a7c2fe7b0876899befcc92f093 (patch) | |
| tree | 82648d62fe268e605bf72ae5f0c5c962ae7e1bae /security | |
| parent | 93eb63b69a499a3ecb58b78c2a163a26665625e7 (diff) | |
| download | freebsd-ports-gnome-d6e601ca7b1830a7c2fe7b0876899befcc92f093.tar.gz freebsd-ports-gnome-d6e601ca7b1830a7c2fe7b0876899befcc92f093.tar.zst freebsd-ports-gnome-d6e601ca7b1830a7c2fe7b0876899befcc92f093.zip | |
- Document openoffice -- arbitrary code execution vulnerabilities
PR: based on 129192
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 4afd1016d25e..26ce14f7061a 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,50 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="842bafdd-be2f-11dd-a578-0030843d3802"> + <topic>openoffice -- arbitrary code execution vulnerabilities</topic> + <affects> + <package> + <name>openoffice.org-2</name> + <name>openoffice.org-2-RC</name> + <name>openoffice.org-2-devel</name> + <range><ge>2.4</ge><lt>2.4.2</lt></range> + <range><ge>2.4.20040402</ge></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The OpenOffice Team reports:</p> + <blockquote cite="http://www.openoffice.org/security/cves/CVE-2008-2237.html"> + <p>A security vulnerability with the way OpenOffice 2.x process WMF + files may allow a remote unprivileged user who provides a + StarOffice/StarSuite document that is opened by a local user to + execute arbitrary commands on the system with the privileges of the + user running StarOffice/StarSuite. No working exploit is known right + now.</p> + </blockquote> + <blockquote cite="http://www.openoffice.org/security/cves/CVE-2008-2238.html"> + <p>A security vulnerability with the way OpenOffice 2.x process EMF + files may allow a remote unprivileged user who provides a + StarOffice/StarSuite document that is opened by a local user to + execute arbitrary commands on the system with the privileges of the + user running StarOffice/StarSuite. No working exploit is known right + now.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2008-2237</cvename> + <cvename>CVE-2008-2238</cvename> + <url>http://www.openoffice.org/security/cves/CVE-2008-2237.html</url> + <url>http://www.openoffice.org/security/cves/CVE-2008-2238.html</url> + </references> + <dates> + <discovery>2008-11-FIXME</discovery> + <entry>2008-11-29</entry> + </dates> + </vuln> + <vuln vid="622bc638-be27-11dd-a578-0030843d3802"> <topic>wordpress -- header rss feed script insertion vulnerability</topic> <affects> |