Detections
Analytics
OpenOffice < 3.2.1 Multiple Vulnerabilities
medium Nessus Network Monitor Plugin ID 5564
Synopsis
The remote host has a program that is affected by multiple vulnerabilities.Description
The version of OpenOffice installed on the remote host is earlier than 3.2.1. Such version are affected by several issues :- There is a TLS/SSL renegotiation vulnerability in the included third-party OpenSSL library. (CVE-2009-3555)
- There is a python scripting vulnerability which may lead to undesired code execution when using the OpenOffice scripting IDE. (CVE-2010-0395)
Solution
Upgrade to OpenOffice version 3.2.1 or later.See Also
Plugin Details
Severity: Medium
ID: 5564
Family: Generic
Published: 6/7/2010
Updated: 3/6/2019
Nessus ID: 46814
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 5.6
Temporal Score: 4.9
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:sun:openoffice.org
Patch Publication Date: 6/7/2010
Vulnerability Publication Date: 11/9/2009
Reference Information
CVE: CVE-2009-3555, CVE-2010-0395