Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable5339.PRM
HistoryFeb 15, 2010 - 12:00 a.m.

OpenOffice < 3.2 Multiple Vulnerabilities

2010-02-1500:00:00
Tenable
www.tenable.com
11
JSON

The version of OpenOffice installed on the remote host is earlier than 3.2. Such versions are potentially affected by several issues :

  • Signatures may not be handled properly due to a vulnerability in the libxml2 library. (CVE-2006-4339)

  • There is an HMAC truncation authentication bypass vulnerability in the libxmlsec library. (CVE-2009-0217)

  • The application is bundled with a vulnerable version of the Microsoft VC++ runtime. (CVE-2009-2493)

  • Specially crafted XPM files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2949)

  • Specially crafted GIF files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2950)

  • Specially crafted Microsoft Word documents are not processed properly, which could lead to arbitrary code execution. (CVE-2009-3301 / CVE-2009-3302)

Binary data 5339.prm
VendorProductVersionCPE
sunopenoffice.orgcpe:/a:sun:openoffice.org

Related

openvas 64
nessus 49
freebsd 4
threatpost 1
fedora 7
redhat 2
centos 4
oraclelinux 2
osv 3
debian 8
ubuntu 2
suse 1
securityvulns 8
checkpoint_advisories 5
seebug 1
mskb 2
f5 2
freebsd_advisory 1
slackware 2
prion 5
cve 6
altlinux 3
checkpoint_security 1
ubuntucve 5
cert 2
debiancve 2
gentoo 1
openssl 1
veracode 4
jvn 1
openvas
openvas
FreeBSD Ports: openoffice.org
2010-03-16 00:00:00
FreeBSD Ports: openoffice.org
2010-03-16 00:00:00
CentOS Update for openoffice.org-base CESA-2010:0101 centos5 i386
2011-08-09 00:00:00
nessus
nessus
FreeBSD : openoffice.org -- multiple vulnerabilities (c97d7a37-2233-11df-96dd-001b2134ef46)
2010-03-01 00:00:00
Sun OpenOffice.org < 3.2 Multiple Vulnerabilities
2010-02-12 00:00:00
Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64
2012-08-01 00:00:00
freebsd
freebsd
openoffice.org -- multiple vulnerabilities
2006-08-24 00:00:00
opera -- RSA Signature Forgery
2006-09-18 00:00:00
openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)
2006-09-06 00:00:00
threatpost
threatpost
OpenOffice Zaps Six Security Bugs
2010-02-18 15:09:26
fedora
fedora
[SECURITY] Fedora 11 Update: openoffice.org-3.1.1-19.12.fc11
2010-02-16 13:24:28
[SECURITY] Fedora 12 Update: openoffice.org-3.1.1-19.26.fc12
2010-02-16 13:06:14
[SECURITY] Fedora 11 Update: openoffice.org-3.1.1-19.13.fc11
2010-06-07 22:26:04
redhat
redhat
(RHSA-2010:0101) Important: openoffice.org security update
2010-02-12 00:00:00
(RHSA-2006:0661) openssl security update
2006-09-06 00:00:00
centos
centos
openoffice.org, openoffice.org2 security update
2010-02-13 23:15:08
openssl, openssl095a, openssl096 security update
2006-09-11 00:52:04
openssl, openssl096b security update
2006-09-08 09:58:00
oraclelinux
oraclelinux
openoffice.org security update
2010-02-12 00:00:00
xmlsec1 security update
2009-09-09 00:00:00
osv
osv
openoffice.org - several
2010-02-12 00:00:00
openssl - cryptographic weakness
2006-09-10 00:00:00
Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation
2022-05-02 03:13:38
debian
debian
[Backports-security-announce] Security Update for openoffice.org
2010-02-12 20:45:28
[Backports-security-announce] Security Update for openoffice.org
2010-02-12 20:39:53
[Backports-security-announce] Security Update for openoffice.org
2010-02-12 20:39:53
ubuntu
ubuntu
OpenOffice.org vulnerabilities
2010-02-24 00:00:00
OpenSSL vulnerability
2006-09-05 00:00:00
suse
suse
remote code execution in OpenOffice_org
2010-03-16 16:11:32
securityvulns
securityvulns
VUPEN Security Research - OpenOffice Word Document Processing Heap Overflow Vulnerabilities
2010-02-17 00:00:00
OpenOffice buffer overflow
2010-02-17 00:00:00
iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulnerability
2009-08-20 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenOffice.org Microsoft Word File Processing Integer Underflow (CVE-2009-3301; CVE-2009-3302)
2010-06-03 00:00:00
Microsoft Outlook View ActiveX Controls Remote Code Execution (MS09-055; CVE-2009-2493)
2009-10-01 00:00:00
Update Protection against OpenSSL RSA Key Signature Forgery Vulnerability
2006-11-13 00:00:00
seebug
seebug
Microsoft Visual Studio ATL COM对象远程代码执行漏洞
2009-07-29 00:00:00
mskb
mskb
MS09-055: Cumulative Security Update of ActiveX Kill Bits
2020-04-13 02:02:28
MS10-041: Vulnerabilities in the Microsoft .NET Framework that could allow tampering
2012-05-08 22:34:55
f5
f5
SOL6623 - OpenSSL signature vulnerability - CVE-2006-4339
2007-05-16 00:00:00
K6623 : OpenSSL signature vulnerability - CVE-2006-4339
2013-03-26 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:19.openssl
2006-09-06 00:00:00
slackware
slackware
[slackware-security] bind
2006-11-07 06:26:27
[slackware-security] openssl
2006-09-14 22:05:20
prion
prion
Design/Logic Flaw
2009-07-29 17:30:00
Heap overflow
2010-02-16 19:30:00
Integer overflow
2010-02-16 19:30:00
cve
cve
CVE-2009-2493
2009-07-29 17:30:00
CVE-2006-4339
2006-09-05 17:04:00
CVE-2009-2950
2010-02-16 19:30:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.7g-alt4
2006-09-06 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.7g-alt4
2006-09-06 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt4
2006-09-06 00:00:00
checkpoint_security
checkpoint_security
OpenSSL CVE-2006-4339 8732 vulnerability Fix
2006-10-18 22:00:00
ubuntucve
ubuntucve
CVE-2006-4339
2006-09-05 00:00:00
CVE-2009-2950
2010-02-16 00:00:00
CVE-2009-3301
2010-02-16 00:00:00
cert
cert
Multiple RSA implementations fail to properly handle signatures
2006-09-11 00:00:00
XML signature HMAC truncation authentication bypass
2009-07-14 00:00:00
debiancve
debiancve
CVE-2006-4339
2006-09-05 17:04:00
CVE-2009-0217
2009-07-14 23:30:00
gentoo
gentoo
OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
2006-09-07 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2006-4339
2006-09-05 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:47:11
Arbitrary Code Execution
2020-04-10 00:47:11
Arbitrary Code Execution
2020-04-10 00:47:11
jvn
jvn
JVN#51615542: Adobe Reader fails to properly handle signatures
2012-08-30 00:00:00
JSON
Related for 5339.PRM
openvas64nessus49freebsd4threatpost1fedora7redhat2centos4oraclelinux2osv3debian8ubuntu2suse1securityvulns8checkpoint_advisories5seebug1mskb2f52freebsd_advisory1slackware2prion5cve6altlinux3checkpoint_security1ubuntucve5cert2debiancve2gentoo1openssl1veracode4jvn1