SUSE Linux Security Advisory: SUSE-SA:2010:017
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | February 16, 2010 | December 12, 2013 | July 04, 2017 |
Description
OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- APPLE-APPLE-SA-2009-09-03-1
- BID-35671
- BID-38218
- BID-38245
- CERT-TA09-294A
- CERT-TA10-159B
- CERT-TA10-287A
- CERT-VN-466161
- CVE-2009-0217
- CVE-2009-2949
- CVE-2009-2950
- CVE-2009-3301
- CVE-2009-3302
- CVE-2010-0136
- DEBIAN-DSA-1995
- DISA_SEVERITY-Category II
- DISA_VMSKEY-V0024367
- IAVM-2010-B-0046
- MS-MS10-041
- OSVDB-55895
- OSVDB-55907
- OVAL-OVAL10022
- OVAL-OVAL10176
- OVAL-OVAL10186
- OVAL-OVAL10423
- OVAL-OVAL11050
- OVAL-OVAL7158
- OVAL-OVAL8717
- REDHAT-RHSA-2009:1200
- REDHAT-RHSA-2009:1201
- REDHAT-RHSA-2009:1428
- REDHAT-RHSA-2009:1636
- REDHAT-RHSA-2009:1637
- REDHAT-RHSA-2009:1649
- REDHAT-RHSA-2009:1650
- REDHAT-RHSA-2009:1694
- REDHAT-RHSA-2010:0101
- SUSE-SUSE-SA:2009:053
- SUSE-SUSE-SA:2010:017
- XF-56236
- XF-56238
- XF-56240
- XF-56241
Solution Reference
Java Security UpdateSolution
suse-upgrade-java-1_6_0-ibmRelated Vulnerabilities
- RHSA-2009:1200: java-1.6.0-sun security update
- ELSA-2010-0101 Important: Enterprise Linux openoffice.org security update
- FreeBSD: openoffice.org -- multiple vulnerabilities (Multiple CVEs)
- Sun Patch: Sun GlassFish Enterprise Server 2.1.1 Patch16 (v2.1 patch22) (9.1_
- Sun Patch: StarOffice 8 (Solaris): Update 18
- Cent OS: CVE-2009-2949: CESA-2010:0101 (openoffice.org)
- SUSE Linux Security Vulnerability: CVE-2009-3301
- Sun Patch: StarSuite 8 (Solaris): Update 18
- Sun Patch: StarSuite 8 (Solaris_x86): Update 18
- RHSA-2009:1649: JBoss Enterprise Application Platform 4.3.0.CP07 update
- RHSA-2010:0101: openoffice.org security update
- Cent OS: CVE-2009-3301: CESA-2010:0101 (openoffice.org)
- USN-826-1: Mono vulnerabilities
- RHSA-2009:1201: java-1.6.0-openjdk security and bug fix update
- HP-UX: CVE-2009-0217: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2009-2949
- Cent OS: CVE-2009-2950: CESA-2010:0101 (openoffice.org)
- FreeBSD: mono -- XML signature HMAC truncation spoofing (CVE-2009-0217)
- Sun Patch: Sun GlassFish Enterprise Server v2.1.1 Security Patch01, Solaris:
- Gentoo Linux: CVE-2009-2950: OpenOffice, LibreOffice: Multiple vulnerabilities
- Cent OS: CVE-2009-0217: CESA-2009:1428 (xmlsec1)
- RHSA-2009:1694: java-1.6.0-ibm security update
- RHSA-2009:1636: JBoss Enterprise Application Platform 4.3.0.CP07 update
- Cent OS: CVE-2009-3302: CESA-2010:0101 (openoffice.org)
- SUSE Linux Security Vulnerability: CVE-2009-0217
- SUSE Linux Security Vulnerability: CVE-2009-2950
- Gentoo Linux: CVE-2009-2949: OpenOffice, LibreOffice: Multiple vulnerabilities
- RHSA-2009:1428: xmlsec1 security update
- JRE XML Authentication Bypass
- RHSA-2009:1650: JBoss Enterprise Application Platform 4.2.0.CP08 update
- SUSE Linux Security Vulnerability: CVE-2010-0136
- RHSA-2010:0043: Red Hat Network Satellite Server IBM Java Runtime security update
- USN-903-1: OpenOffice.org vulnerabilities
- RHSA-2009:1637: JBoss Enterprise Application Platform 4.2.0.CP08 update
- USN-814-1: OpenJDK vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2009-3302
- SUSE Linux Security Advisory: SUSE-SA:2009:053
- Sun Patch: StarOffice 8 (Solaris_x86): Update 18
- MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)
- IBM WebSphere Application Server: CVE-2009-0217: WebSphere Application Server Vulnerability
- Sun Patch: Sun GlassFish Enterprise Server 2.1.1 Patch16 (v2.1 patch22) (9.1_
- ELSA-2009-1428 Moderate: Enterprise Linux xmlsec1 security update
- Gentoo Linux: CVE-2009-3302: OpenOffice, LibreOffice: Multiple vulnerabilities
- Gentoo Linux: CVE-2009-0217: Mono: Multiple vulnerabilities
- Gentoo Linux: CVE-2009-3301: OpenOffice, LibreOffice: Multiple vulnerabilities
- Sun Patch: Sun GlassFish Enterprise Server v2.1.1 Security Patch01, _x86: SVR