[gentoo-announce] [ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities - gentoo-announce

From:	Pierre-Yves Rofes <py@g.o>
To:	gentoo-announce@l.g.o
Cc:	full-disclosure@××××××××××××××.uk, bugtraq@×××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200812-13 ] OpenOffice.org: Multiple vulnerabilities
Date:	Fri, 12 Dec 2008 23:01:15
Message-Id:	`4942ED37.5010409@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200812-13

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                               http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

     Severity: Normal

8

        Title: OpenOffice.org: Multiple vulnerabilities

9

         Date: December 12, 2008

10

         Bugs: #235824, #244995

11

           ID: 200812-13

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

Multiple vulnerabilities in OpenOffice.org might allow for

19

user-assisted execution of arbitrary code or symlink attacks.

20

21

Background

22

==========

23

24

OpenOffice.org is an open source office productivity suite, including

25

word processing, spreadsheet, presentation, drawing, data charting,

26

formula editing, and file conversion facilities.

27

28

Affected packages

29

=================

30

31

       -------------------------------------------------------------------

32

        Package                    /  Vulnerable  /            Unaffected

33

       -------------------------------------------------------------------

34

     1  app-office/openoffice           < 3.0.0                  >= 3.0.0

35

     2  app-office/openoffice-bin       < 3.0.0                  >= 3.0.0

36

       -------------------------------------------------------------------

37

        2 affected packages on all of their supported architectures.

38

       -------------------------------------------------------------------

39

40

Description

41

===========

42

43

Two heap-based buffer overflows when processing WMF files

44

(CVE-2008-2237) and EMF files (CVE-2008-2238) were discovered. Dmitry

45

E. Oboukhov also reported an insecure temporary file usage within the

46

senddoc script (CVE-2008-4937).

47

48

Impact

49

======

50

51

A remote attacker could entice a user to open a specially crafted

52

document, resulting in the remote execution of arbitrary code. A local

53

attacker could perform symlink attacks to overwrite arbitrary files on

54

the system. Both cases happen with the privileges of the user running

55

the application.

56

57

Workaround

58

==========

59

60

There is no known workaround at this time.

61

62

Resolution

63

==========

64

65

All OpenOffice.org users should upgrade to the latest version:

66

67

   # emerge --sync

68

   # emerge --ask --oneshot --verbose ">=app-office/openoffice-3.0.0"

69

70

All OpenOffice.org binary users should upgrade to the latest version:

71

72

   # emerge --sync

73

   # emerge --ask --oneshot --verbose ">=app-office/openoffice-bin-3.0.0"

74

75

References

76

==========

77

78

     [ 1 ] CVE-2008-2237

79

           http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237

80

     [ 2 ] CVE-2008-2238

81

           http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238

82

     [ 3 ] CVE-2008-4937

83

           http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4937

84

85

Availability

86

============

87

88

This GLSA and any updates to it are available for viewing at

89

the Gentoo Security Website:

90

91

     http://security.gentoo.org/glsa/glsa-200812-13.xml

92

93

Concerns?

94

=========

95

96

Security is a primary focus of Gentoo Linux and ensuring the

97

confidentiality and security of our users machines is of utmost

98

importance to us. Any security concerns should be addressed to

99

security@g.o or alternatively, you may file a bug at

100

http://bugs.gentoo.org.

101

102

License

103

=======

104

105

Copyright 2008 Gentoo Foundation, Inc; referenced text

106

belongs to its owner(s).

107

108

The contents of this document are licensed under the

109

Creative Commons - Attribution / Share Alike license.

110

111

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200812-13
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: OpenOffice.org: Multiple vulnerabilities
9	Date: December 12, 2008
10	Bugs: #235824, #244995
11	ID: 200812-13
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	Multiple vulnerabilities in OpenOffice.org might allow for
19	user-assisted execution of arbitrary code or symlink attacks.
20
21	Background
22	==========
23
24	OpenOffice.org is an open source office productivity suite, including
25	word processing, spreadsheet, presentation, drawing, data charting,
26	formula editing, and file conversion facilities.
27
28	Affected packages
29	=================
30
31	-------------------------------------------------------------------
32	Package / Vulnerable / Unaffected
33	-------------------------------------------------------------------
34	1 app-office/openoffice < 3.0.0 >= 3.0.0
35	2 app-office/openoffice-bin < 3.0.0 >= 3.0.0
36	-------------------------------------------------------------------
37	2 affected packages on all of their supported architectures.
38	-------------------------------------------------------------------
39
40	Description
41	===========
42
43	Two heap-based buffer overflows when processing WMF files
44	(CVE-2008-2237) and EMF files (CVE-2008-2238) were discovered. Dmitry
45	E. Oboukhov also reported an insecure temporary file usage within the
46	senddoc script (CVE-2008-4937).
47
48	Impact
49	======
50
51	A remote attacker could entice a user to open a specially crafted
52	document, resulting in the remote execution of arbitrary code. A local
53	attacker could perform symlink attacks to overwrite arbitrary files on
54	the system. Both cases happen with the privileges of the user running
55	the application.
56
57	Workaround
58	==========
59
60	There is no known workaround at this time.
61
62	Resolution
63	==========
64
65	All OpenOffice.org users should upgrade to the latest version:
66
67	# emerge --sync
68	# emerge --ask --oneshot --verbose ">=app-office/openoffice-3.0.0"
69
70	All OpenOffice.org binary users should upgrade to the latest version:
71
72	# emerge --sync
73	# emerge --ask --oneshot --verbose ">=app-office/openoffice-bin-3.0.0"
74
75	References
76	==========
77
78	[ 1 ] CVE-2008-2237
79	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237
80	[ 2 ] CVE-2008-2238
81	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238
82	[ 3 ] CVE-2008-4937
83	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4937
84
85	Availability
86	============
87
88	This GLSA and any updates to it are available for viewing at
89	the Gentoo Security Website:
90
91	http://security.gentoo.org/glsa/glsa-200812-13.xml
92
93	Concerns?
94	=========
95
96	Security is a primary focus of Gentoo Linux and ensuring the
97	confidentiality and security of our users machines is of utmost
98	importance to us. Any security concerns should be addressed to
99	security@g.o or alternatively, you may file a bug at
100	http://bugs.gentoo.org.
101
102	License
103	=======
104
105	Copyright 2008 Gentoo Foundation, Inc; referenced text
106	belongs to its owner(s).
107
108	The contents of this document are licensed under the
109	Creative Commons - Attribution / Share Alike license.
110
111	http://creativecommons.org/licenses/by-sa/2.5