Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2012-533.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : calligra (openSUSE-SU-2012:1061-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.769 High

EPSS

Percentile

98.2%

JSON

Fix buffer overflow in MS Word ODF filter among other non-security related bugs.

Also a version update to 2.4.3 happened :

  • Words :

  • Always show vertical scroll bar to avoid race condition (kde#301076)

  • Do not save with an attribue that makes LibreOffice and OpenOffice crash (kde#298689 )

  • Kexi :

  • Fixed import from csv when “Start at Line”
    value changed (kde#302209)

  • Set limit to 255 characters for Text type (VARCHAR) (kde#301277 and 301136)

    • Remove limits for Text data type, leave as option (kde#301277)

  • Fixed data saving when focus policy for one of widgets is NoFocus (kde#301109)

  • Krita :

  • Read and set the resolution for psd images

  • Charts :

  • Fix load/save styles of all shapes (title,subtitle,axistitles,footer,etc.)

  • Lines in the chart should be displayed (kde#271771)

  • Combined Bar and Line Charts only show bars (Trendlines not supported) (kde#288537)

  • Load/save chart type for each dataset (kde#271771 and 288537)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2012-533.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(74724);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-3456");

  script_name(english:"openSUSE Security Update : calligra (openSUSE-SU-2012:1061-1)");
  script_summary(english:"Check for the openSUSE-2012-533 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Fix buffer overflow in MS Word ODF filter among other non-security
related bugs.

Also a version update to 2.4.3 happened :

  - Words :

  - Always show vertical scroll bar to avoid race condition
    (kde#301076)

  - Do not save with an attribue that makes LibreOffice and
    OpenOffice crash (kde#298689 )

  - Kexi :

  - Fixed import from csv when “Start at Line”
    value changed (kde#302209)

  - Set limit to 255 characters for Text type (VARCHAR)
    (kde#301277 and 301136)

  + - Remove limits for Text data type, leave as option
    (kde#301277)

  - Fixed data saving when focus policy for one of widgets
    is NoFocus (kde#301109)

  - Krita :

  - Read and set the resolution for psd images

  - Charts :

  - Fix load/save styles of all shapes
    (title,subtitle,axistitles,footer,etc.)

  - Lines in the chart should be displayed (kde#271771)

  - Combined Bar and Line Charts only show bars (Trendlines
    not supported) (kde#288537)

  - Load/save chart type for each dataset (kde#271771 and
    288537)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=774534"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2012-08/msg00041.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected calligra packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-braindump");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-braindump-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-flow");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-flow-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-karbon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-karbon-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-mssql-driver");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-mssql-driver-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-mysql-driver");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-mysql-driver-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-postgresql-driver");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-postgresql-driver-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-spreadsheet-import");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-spreadsheet-import-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-xbase-driver");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kexi-xbase-driver-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-krita");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-krita-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kthesaurus");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-kthesaurus-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-plan");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-plan-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-sheets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-sheets-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-stage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-stage-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-words");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calligra-words-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.2", reference:"calligra-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-braindump-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-braindump-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-debugsource-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-devel-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-flow-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-flow-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-karbon-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-karbon-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-mssql-driver-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-mssql-driver-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-mysql-driver-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-mysql-driver-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-postgresql-driver-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-postgresql-driver-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-spreadsheet-import-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-spreadsheet-import-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-xbase-driver-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kexi-xbase-driver-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-krita-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-krita-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kthesaurus-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-kthesaurus-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-plan-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-plan-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-sheets-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-sheets-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-stage-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-stage-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-tools-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-tools-debuginfo-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-words-2.4.3-2.4.1") ) flag++;
if ( rpm_check(release:"SUSE12.2", reference:"calligra-words-debuginfo-2.4.3-2.4.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "calligra");
}
VendorProductVersionCPE
novellopensusecalligrap-cpe:/a:novell:opensuse:calligra
novellopensusecalligra-braindumpp-cpe:/a:novell:opensuse:calligra-braindump
novellopensusecalligra-braindump-debuginfop-cpe:/a:novell:opensuse:calligra-braindump-debuginfo
novellopensusecalligra-debuginfop-cpe:/a:novell:opensuse:calligra-debuginfo
novellopensusecalligra-debugsourcep-cpe:/a:novell:opensuse:calligra-debugsource
novellopensusecalligra-develp-cpe:/a:novell:opensuse:calligra-devel
novellopensusecalligra-flowp-cpe:/a:novell:opensuse:calligra-flow
novellopensusecalligra-flow-debuginfop-cpe:/a:novell:opensuse:calligra-flow-debuginfo
novellopensusecalligra-karbonp-cpe:/a:novell:opensuse:calligra-karbon
novellopensusecalligra-karbon-debuginfop-cpe:/a:novell:opensuse:calligra-karbon-debuginfo
Rows per page:
1-10 of 371

Related

openvas 12
fedora 2
nessus 4
gentoo 1
ubuntu 1
suse 1
cve 2
ubuntucve 2
nvd 2
securityvulns 1
prion 2
cvelist 2
freebsd 1
debiancve 1
openvas
openvas
Fedora Update for calligra-l10n FEDORA-2012-11566
2012-08-30 00:00:00
Fedora Update for calligra FEDORA-2012-11566
2012-08-30 00:00:00
SuSE Update for calligra openSUSE-SU-2012:1061-1 (calligra)
2013-03-11 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: calligra-2.5.0-2.fc17
2012-08-21 09:55:04
[SECURITY] Fedora 17 Update: calligra-l10n-2.5.0-2.fc17
2012-08-21 09:55:04
nessus
nessus
GLSA-201209-10 : Calligra: User-assisted execution of arbitrary code
2012-09-26 00:00:00
Fedora 17 : calligra-2.5.0-2.fc17 / calligra-l10n-2.5.0-2.fc17 (2012-11566)
2012-08-22 00:00:00
Ubuntu 12.04 LTS : calligra vulnerability (USN-1525-1)
2012-08-10 00:00:00
gentoo
gentoo
Calligra: User-assisted execution of arbitrary code
2012-09-25 00:00:00
ubuntu
ubuntu
Calligra vulnerability
2012-08-09 00:00:00
suse
suse
calligra: security and bugfix update. (important)
2012-08-30 10:58:26
cve
cve
CVE-2012-3456
2012-08-20 18:55:03
CVE-2012-3455
2012-08-20 19:55:05
ubuntucve
ubuntucve
CVE-2012-3455
2012-08-09 00:00:00
CVE-2012-3456
2012-08-09 00:00:00
nvd
nvd
CVE-2012-3455
2012-08-20 19:55:05
CVE-2012-3456
2012-08-20 18:55:03
securityvulns
securityvulns
KOffice / Calligra code execution
2012-08-13 00:00:00
prion
prion
Heap overflow
2012-08-20 18:55:00
Heap overflow
2012-08-20 19:55:00
cvelist
cvelist
CVE-2012-3456
2012-08-20 18:00:00
CVE-2012-3455
2012-08-20 19:00:00
freebsd
freebsd
Calligra, KOffice -- input validation failure
2012-08-10 00:00:00
debiancve
debiancve
CVE-2012-3456
2012-08-20 18:55:03

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.769 High

EPSS

Percentile

98.2%

JSON
Related for OPENSUSE-2012-533.NASL
openvas12fedora2nessus4gentoo1ubuntu1suse1cve2ubuntucve2nvd2securityvulns1prion2cvelist2freebsd1debiancve1