9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.024 Low
EPSS
Percentile
88.8%
OpenOffice.org is an office productivity suite.
HSQLDB is the default database engine shipped with OpenOffice.org 2.
It was discovered that HSQLDB could allow the execution of arbitrary public
static Java methods. A carefully crafted odb file opened in OpenOffice.org
Base could execute arbitrary commands with the permissions of the user
running OpenOffice.org. (CVE-2007-4575)
All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue.