Detections
Analytics

Apache OpenOffice < 4.1.2 Multiple Vulnerabilities

medium Nessus Plugin ID 86904

Language:

Synopsis

The remote Windows host has an application installed that is affected by multiple vulnerabilities.

Description

The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.2. It is, therefore, affected by the following vulnerabilities :

 - An overflow condition exists in the Hangul Word Processor (HWP) filter due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted HWP document, to cause a denial of service condition or the execution of arbitrary code.
 (CVE-2015-1774)

 - An information disclosure vulnerability exists due to the use of stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links. A remote attacker can exploit this, via a specially crafted ODF document, to to obtain sensitive information. (CVE-2015-4551)

 - An integer underflow condition exists in the ReadJobSetup() function due to improper validation of user-supplied input when handling printer settings. A remote attacker can exploit this, via specially crafted PrinterSetup data in an ODF document, to cause a denial of service condition or the execution of arbitrary code.
 (CVE-2015-5212)

 - An integer underflow condition exists in the WW8ScannerBase::OpenPieceTable() function due to improper validation of user-supplied input when handling the PieceTable counter. A remote attacker can exploit this, via a specially crafted .DOC file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-5213)

 - A memory corruption issue exists in 'filter/ww8/ww8scan.cxx' due to improper validation of user-supplied input when handling bookmark status positions. A remote attacker can exploit this, via a specially crafted document, to cause a denial of service condition or the execution of arbitrary code.
 (CVE-2015-5214)

Solution

Upgrade to Apache OpenOffice version 4.1.2 or later.

See Also

https://www.openoffice.org/security/cves/CVE-2015-1774.html

https://www.openoffice.org/security/cves/CVE-2015-4551.html

https://www.openoffice.org/security/cves/CVE-2015-5212.html

https://www.openoffice.org/security/cves/CVE-2015-5213.html

https://www.openoffice.org/security/cves/CVE-2015-5214.html

Plugin Details

Severity: Medium

ID: 86904

File Name: openoffice_412.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 11/17/2015

Updated: 11/20/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2015-5214

Vulnerability Information

CPE: cpe:/a:apache:openoffice

Required KB Items: installed_sw/OpenOffice, SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 10/28/2015

Vulnerability Publication Date: 4/27/2015

Reference Information

CVE: CVE-2015-1774, CVE-2015-4551, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214