Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310902284
HistoryFeb 05, 2011 - 12:00 a.m.

OpenOffice.org 'soffice' Directory Traversal Vulnerability - Windows

2011-02-0500:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
11

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

OpenOffice is prone to directory traversal vulnerabilities.

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.902284");
  script_version("2024-02-15T05:05:39+0000");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:39 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"creation_date", value:"2011-02-05 04:12:38 +0100 (Sat, 05 Feb 2011)");
  script_tag(name:"cvss_base", value:"6.9");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_cve_id("CVE-2010-3689");
  script_name("OpenOffice.org 'soffice' Directory Traversal Vulnerability - Windows");
  script_xref(name:"URL", value:"http://secunia.com/advisories/43065");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46031");
  script_xref(name:"URL", value:"http://www.vupen.com/english/advisories/2011/0232");
  script_xref(name:"URL", value:"http://www.cs.brown.edu/people/drosenbe/research.html");
  script_xref(name:"URL", value:"http://www.openoffice.org/security/cves/CVE-2010-3689.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_openoffice_detect_win.nasl");
  script_mandatory_keys("OpenOffice/Win/Ver");
  script_tag(name:"impact", value:"Successful exploitation could allows local users to gain privileges via
  a Trojan horse shared library in the current working directory.");
  script_tag(name:"affected", value:"OpenOffice Version 3.x to 3.2.0 on Windows");
  script_tag(name:"insight", value:"The flaw is due to an error in 'soffice', which places a zero-length
  directory name in the 'LD_LIBRARY_PATH'.");
  script_tag(name:"solution", value:"Upgrade to OpenOffice Version 3.3.0 or later");
  script_tag(name:"summary", value:"OpenOffice is prone to directory traversal vulnerabilities.");
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

##  Get the version from KB
openVer = get_kb_item("OpenOffice/Win/Ver");

## Exit if script fails to get the version
if(!openVer){
  exit(0);
}

if(openVer =~ "^3.*")
{
  ## OpenOffice 3.3 (3.3.9567)
  if(version_is_less(version:openVer, test_version:"3.3.9567")){
    report = report_fixed_ver(installed_version:openVer, fixed_version:"3.3.9567");
    security_message(port: 0, data: report);
  }
}

Related

openvas 19
nvd 1
cve 1
veracode 1
prion 1
ubuntucve 1
cvelist 1
nessus 20
centos 1
osv 1
debian 2
redhat 2
oraclelinux 1
ubuntu 1
fedora 1
freebsd 1
gentoo 1
securityvulns 1
oracle 1
openvas
openvas
OpenOffice.org 'soffice' Directory Traversal Vulnerability (Windows)
2011-02-05 00:00:00
RedHat Update for openoffice.org RHSA-2011:0183-01
2012-07-09 00:00:00
Mandriva Update for openoffice.org MDVSA-2011:027 (openoffice.org)
2011-02-16 00:00:00
nvd
nvd
CVE-2010-3689
2011-01-28 22:00:05
cve
cve
CVE-2010-3689
2011-01-28 22:00:05
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:57:26
prion
prion
Directory traversal
2011-01-28 22:00:00
ubuntucve
ubuntucve
CVE-2010-3689
2011-01-28 00:00:00
cvelist
cvelist
CVE-2010-3689
2011-01-28 21:13:00
nessus
nessus
Debian DSA-2151-1 : openoffice.org - several vulnerabilities
2011-01-27 00:00:00
RHEL 5 : openoffice.org (RHSA-2011:0182)
2011-01-31 00:00:00
CentOS 5 : openoffice.org (CESA-2011:0182)
2011-05-09 00:00:00
centos
centos
openoffice.org security update
2011-05-07 09:10:56
osv
osv
openoffice.org - several vulnerabilities
2011-01-26 00:00:00
debian
debian
[SECURITY] [DSA 2151-1] New OpenOffice.org packages fix several vulnerabilities
2011-01-26 16:18:12
[BSA-020] Security Update for openoffice.org
2011-01-27 20:36:23
redhat
redhat
(RHSA-2011:0183) Important: openoffice.org security and bug fix update
2011-01-28 00:00:00
(RHSA-2011:0182) Important: openoffice.org security update
2011-01-28 00:00:00
oraclelinux
oraclelinux
openoffice.org security and bug fix update
2011-02-10 00:00:00
ubuntu
ubuntu
OpenOffice.org vulnerabilities
2011-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: openoffice.org-3.2.0-12.35.fc13
2011-02-17 00:50:23
freebsd
freebsd
openoffice.org -- Multiple vulnerabilities
2010-08-04 00:00:00
gentoo
gentoo
OpenOffice, LibreOffice: Multiple vulnerabilities
2014-08-31 00:00:00
securityvulns
securityvulns
Oracle / Sun / Peoplesoft / Open Office applications multiple security vulnerabilities
2011-05-04 00:00:00
oracle
oracle
cpuapr2011
2011-04-19 00:00:00

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON
Related for OPENVAS:1361412562310902284
openvas19nvd1cve1veracode1prion1ubuntucve1cvelist1nessus20centos1osv1debian2redhat2oraclelinux1ubuntu1fedora1freebsd1gentoo1securityvulns1oracle1