The version of OpenOffice installed on the remote host is earlier than 3.2. Such versions are potentially affected by several issues :
Signatures may not be handled properly due to a vulnerability in the libxml2 library. (CVE-2006-4339)
There is an HMAC truncation authentication bypass vulnerability in the libxmlsec library. (CVE-2009-0217)
The application is bundled with a vulnerable version of the Microsoft VC++ runtime. (CVE-2009-2493)
Specially crafted XPM files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2949)
Specially crafted GIF files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2950)
Specially crafted Microsoft Word documents are not processed properly, which could lead to arbitrary code execution. (CVE-2009-3301 / CVE-2009-3302)
Binary data 5339.prm
Vendor | Product | Version | CPE |
---|---|---|---|
sun | openoffice.org | cpe:/a:sun:openoffice.org |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2493
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302
www.openoffice.org/security/cves/CVE-2006-4339.html
www.openoffice.org/security/cves/CVE-2009-0217.html
www.openoffice.org/security/cves/CVE-2009-2493.html
www.openoffice.org/security/cves/CVE-2009-2949.html
www.openoffice.org/security/cves/CVE-2009-2950.html
www.openoffice.org/security/cves/CVE-2009-3301-3302.html