OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.

**updates at fedoraproject.org** updates at fedoraproject.org  
_Mon Jun 7 22:16:55 UTC 2010_

*   Previous message: Fedora 12 Update: webkitgtk-1.2.0-1.fc12
*   Next message: Fedora 13 Update: kmid2-2.3.0-2.fc13
*   **Messages sorted by:** \[ date \] \[ thread \] \[ subject \] \[ author \]

\--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-9576
2010-06-07 20:39:19
--------------------------------------------------------------------------------

Name        : openoffice.org
Product     : Fedora 12
Version     : 3.1.1
Release     : 19.32.fc12
URL         : http://www.openoffice.org/
Summary     : OpenOffice.org comprehensive office suite.
Description :
OpenOffice.org is an Open Source, community-developed, multi-platform
office productivity suite.  It includes the key desktop applications,
such as a word processor, spreadsheet, presentation manager, formula
editor and drawing program, with a user interface and feature set
similar to other office suites.  Sophisticated and flexible,
OpenOffice.org also works transparently with a variety of file
formats, including Microsoft Office.

Usage: Simply type "ooffice" to run OpenOffice.org or select the
requested component (Writer, Calc, Impress, etc.) from your
desktop menu. On first start a few files will be installed in the
user's home, if necessary.

--------------------------------------------------------------------------------
Update Information:

A security vulnerability in OpenOffice.org, related to python scripting, might
lead to unexpected code execution when using the built-in scripting IDE for
exploring python code.
--------------------------------------------------------------------------------
ChangeLog:

\* Sat Jun  5 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.32
- Resolves: CVE-2010-0395 openoffice.org-3.2.1.pyuno.patch
- Resolves: rhbz#595718 workspace.mba33issues01.patch
- Resolves: rhbz#596980 workspace.vcl112.patch
\* Wed May 19 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.31
- Resolves: rhbz#593561 openoffice.org-3.3.0.ooo111699.svx.nullfield.patch
\* Fri May  7 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.30
- Resolves: rhbz#589883 openoffice.org-3.1.1.oooXXXXX.sw.ww8exportcrash.patch
\* Tue Apr 27 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.29
- Resolves: rhbz#574542 \[abrt\] crash in
  slideshow::internal::EventMultiplexerImpl::forEachView<> (dtardon)
- Resolves: rhbz#579817 \[abrt\] crash in writePivotTable (caolanm)
- Resolves: rhbz#580694 \[abrt\] crash in SwDrawTextShell::Init (caolanm)
- Resolves: rhbz#580285 \[abrt\] crash in OutWW8\_SwTextGrid (caolanm)
\* Tue Mar 16 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.28
- Resolves: rhbz#573654 fix unwanted "Red" translation (caolanm)
\* Mon Mar 15 2010 Dennis Gilmore <dennis at ausil.us\> - 1:3.1.1-19.27
- sparc needs --with-alloc=system (dennis)
- prelink is known to not work on sparc so dont run the checks to make sure it will work on sparc arches (dennis)
- fakeroot doesnt work on sparc64, fontpackages-devel requires rpmdevtools which requires fakeroot (dennis)
- ExcludeArch sparc64 for unresovleable deps (dennis)
- Resolves: rhbz#565519 add openoffice.org-3.2.0.ooo95369.sw.sortedobjs.patch (caolanm)
- Resolves: rhbz#566099 fix modal dialog exit in qstarter (caolanm)
- Resolves: rhbz#565906 don't crash on bad .svg in add to gallery (caolanm)
- Resolves: rhbz#564133 \[abrt\] crash in pdfi::(anonymous
  namespace)::Parser::parseLine (dtardon)
- Resolves: rhbz#566586 setting OpenOffice to show changes in document
  colored by author doesn't persist (dtardon)
- Resolves: rhbz#566990 handle unreadable .db files (caolanm)
- Resolves: rhbz#568655 add openoffice.org-3.2.0.ooo109743.svx.safedragdrop.patch (caolanm)
- Resolves: rhbz#570102 openoffice.org-3.2.0.ooo109766.dbaccess.catch.patch (caolanm)
- Resolves: rhbz#571100 fix .svg import crash (caolanm)
- Resolves: rhbz#571540 cannot select evolution addressbook as data source (caolanm)
\* Fri Feb 12 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.26
- CVE-2009-2950 GIF file parsing heap overflow (caolanm)
- CVE-2009-2949 integer overflow in XPM processing (caolanm)
- CVE-2009-3301 .doc Table Parsing vulernability (caolanm)
- CVE-2009-3302 .doc Table Parsing vulernability (caolanm)
- Resolves: rhbz#561778 openoffice.org-3.2.0.oooXXXXX.svx.safestyledelete.patch
- Resolves: rhbz#561989 openoffice.org-3.2.0.ooo109009.sc.tooltipcrash.patch
- Resolves: rhbz#445588 improve same name substitution
\* Tue Feb  2 2010 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.25
- Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon)
- Resolves: rhbz#551983 OpenOffice writer crashes when opening document
  with link in footnote (dtardon)
- Resolves: rhbz#550316 Openoffice.org Impress loses graphics when
  background color is changed (dtardon)
- Resolves: rhbz#554259 No autocorrect files for Lithuanian (dtardon)
- Resolves: rhbz#553929 \[abrt\] crash in ColorConfigCtrl\_Impl::ScrollHdl
  (dtardon)
- Resolves: rhbz#549573 improve document compare (caolanm)
- Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK
  colorspace (dtardon)
- Resolves: rhbz#558342 \[abrt\] crash in SvxNumOptionsTabPage::InitControls
  (dtardon)
- Resolves: ooo#108637/rhbz#558253 sfx2 uisavedir (caolanm)
- Resolves: rhbz#560435 rtf dropcap crash (caolanm)
- Resolves: rhbz#560996/rhbz#560353 qstartfixes (caolanm)
\* Tue Dec 22 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.24
- Resolves: rhbz#545824 bustage in writer with emboldened fonts
\* Fri Dec 18 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.23
- Resolves: rhbz#548512 workspace.ooo32gsl03.patch
\* Tue Dec 15 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.22
- Resolves: rhbz#529648 add workspace.fwk132.patch
- Resolves: rhbz#547176 add 
  openoffice.org-3.2.0.ooo47279.sd.objectsave.safe.patch
\* Wed Dec  9 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.21
- Resolves: rhbz#544124 add openoffice.org-3.2.0.ooo106502.svx.fixspelltimer.patch
- Resolves: rhbz#544218 add openoffice.org-3.2.0.ooo107552.vcl.sft.patch
- Resolves: rhbz#545783 add workspace.vcl105.patch
\* Fri Nov 27 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.20
- Resolves: rhbz#541222 add
  openoffice.org-3.2.0.ooo107260.dtrans.clipboard.shutdown.patch (caolanm)
\* Mon Nov 23 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.19
- Resolves: rhbz#540379/ooo#107131 impress tabledrag crash
- Resolves: rhbz#540231 add openoffice.org-3.2.0.oooXXXXX.canvas.fixcolorspace.patch
- add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon)
- Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the
  Spanish localized version of OOo (caolanm)
\* Tue Nov 17 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.18
- Resolves: ooo#59648 sw .doc export scaling (caolanm)
\* Tue Nov 10 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.17
- Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm)
\* Thu Nov  5 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.16
- Resolves: ooo#106523 fix pdf/A export on x86\_64 (caolanm)
\* Thu Nov  5 2009 Caolán McNamara <caolanm at redhat.com\> - 1:3.1.1-19.15
- Resolves: ooo#106497 language marked as providing spellchecking when
  unavailable (caolanm)
- Resolves: rhbz#532330 openoffice impress doesn't recognise .ogv
  files as video (dtardon)
- Resolves: rhbz#533146 calc notes go missing on save (caolanm)
--------------------------------------------------------------------------------
References:

  \[ 1 \] Bug #574119 - CVE-2010-0395 openoffice.org Execution of Python code when browsing macros
        https://bugzilla.redhat.com/show\_bug.cgi?id=574119
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update openoffice.org' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

*   Previous message: Fedora 12 Update: webkitgtk-1.2.0-1.fc12
*   Next message: Fedora 13 Update: kmid2-2.3.0-2.fc13
*   **Messages sorted by:** \[ date \] \[ thread \] \[ subject \] \[ author \]

More information about the package-announce mailing list

CVE-2010-0395: [SECURITY] Fedora 12 Update: openoffice.org-3.1.1-19.32.fc12

The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.

Image

Featured Details

**Multiple ways to consume Secunia Research**

Secunia delivers software security research that provides reliable, curated and actionable vulnerability intelligence. Organizations can expect to receive standardized, validated and enriched vulnerability research on a specific version of a software product. Secunia Research supports four solutions:

SVG

**Data Platform**

Data Platform leverages Secunia Research to provide high-level insights based on major or minor versions of software in your normalized inventory

Learn More

SVG

**Flexera One**

Flexera One utilizes Secunia Research (alongside public NVD data) to provide more granular matching of build-level versions of software in your normalized inventory within its IT Asset Management and IT Visibility solutions

Learn More

How it works

**Accurate, reliable vulnerability insights at your fingertips**

The Secunia Research team from Flexera is comprised of several security specialists who conduct vulnerability research in various products in addition to testing, verifying and validating public vulnerability reports. Since its inception in 2002, the goal of the Secunia Research team is to provide the most accurate and reliable source of vulnerability intelligence.

Delivering the world’s best vulnerability intelligence requires skill and passion. Team members continually develop their skills exploring various high-profile closed and open-source software using a variety of approaches, focusing chiefly on thorough code audits and binary analysis. The team has received industry recognition, including naming members to Microsoft’s Most Valuable Security Researchers list.

Secunia researchers discover hard-to-find vulnerabilities that aren’t normally identified with techniques such as fuzzing, and the results have been impressive. Members of the Secunia Research team have discovered critical vulnerabilities in products from vendors including Microsoft, Symantec, IBM, Adobe, RealNetworks, Trend Micro, HP, Blue Coat, Samba, CA, Mozilla and Apple.

The team produces invaluable security advisories based on research of the vulnerabilities affecting any given software update. Sometimes a single update can address multiple vulnerabilities of varying criticalities and threats; but these advisories aggregate and distill findings down to a single advisory perfect for the prioritization of patching efforts within Software Vulnerability Manager. Criticality scores are consistently applied along with details around attack vector and other valuable details within Software Vulnerability Research. Illegitimate vulnerability reports are also investigated and rejected so you can focus only on what truly matters.

CVE-2010-1624: About Secunia Research | Flexera

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.

The Secunia Research team from Flexera is comprised of a number of security specialists who—in addition to testing, verifying, and validating public vulnerability reports—conduct their own vulnerability research in various products. Since the founding of the Secunia Research team in 2002, it has been our goal to be provide the most accurate and reliable source of vulnerability intelligence.

Delivering the world’s best vulnerability intelligence requires skill and passion. The members of our team continually develop their skills exploring various high-profile closed and open source software using a variety of approaches, focusing chiefly on thorough code audits and binary analysis.   In 2019 a member of our team was recognized by Microsoft’s Most Valuable Security Researchers list.

This enables Secunia researchers to discover hard-to-find vulnerabilities that are not normally identified via techniques such as fuzzing, and the approach has been effective. Members of the Secunia Research team have discovered critical vulnerabilities in products from vendors including Microsoft, Symantec, IBM, Adobe, RealNetworks, Trend Micro, HP, Blue Coat, Samba, CA, Mozilla, and Apple.

The team produces invaluable security advisories based upon the research of the vulnerabilities affecting any given software update. Sometimes a single update can address multiple vulnerabilities of varying criticalities and threats; but these advisories aggregate and distill findings down to a single advisory perfect for the prioritization of patch efforts. In these advisories, criticality scores are consistently applied along with details around attack vector and other valuable details. Illegitimate vulnerability reports are also investigated and rejected so you can focus only on what truly matters.

**Related links**

*   Software Vulnerability Research
    
*   Software Vulnerability Research - Secunia Data
    
*   Software Vulnerability Manager
    
*   Security advisories from Secunia Research
    
*   Anatomy of a security advisory
    
*   Vulnerability Disclosure Policy
    
*   Support
    

Informing IT, Transforming IT

**Industry insights to help keep you informed**

CVE-2010-1287: About Secunia Research | Flexera

Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file.

Image

Featured Details

**Multiple ways to consume Secunia Research**

Secunia delivers software security research that provides reliable, curated and actionable vulnerability intelligence. Organizations can expect to receive standardized, validated and enriched vulnerability research on a specific version of a software product. Secunia Research supports four solutions:

SVG

**Data Platform**

Data Platform leverages Secunia Research to provide high-level insights based on major or minor versions of software in your normalized inventory

Learn More

SVG

**Flexera One**

Flexera One utilizes Secunia Research (alongside public NVD data) to provide more granular matching of build-level versions of software in your normalized inventory within its IT Asset Management and IT Visibility solutions

Learn More

How it works

**Accurate, reliable vulnerability insights at your fingertips**

The Secunia Research team from Flexera is comprised of several security specialists who conduct vulnerability research in various products in addition to testing, verifying and validating public vulnerability reports. Since its inception in 2002, the goal of the Secunia Research team is to provide the most accurate and reliable source of vulnerability intelligence.

Delivering the world’s best vulnerability intelligence requires skill and passion. Team members continually develop their skills exploring various high-profile closed and open-source software using a variety of approaches, focusing chiefly on thorough code audits and binary analysis. The team has received industry recognition, including naming members to Microsoft’s Most Valuable Security Researchers list.

Secunia researchers discover hard-to-find vulnerabilities that aren’t normally identified with techniques such as fuzzing, and the results have been impressive. Members of the Secunia Research team have discovered critical vulnerabilities in products from vendors including Microsoft, Symantec, IBM, Adobe, RealNetworks, Trend Micro, HP, Blue Coat, Samba, CA, Mozilla and Apple.

The team produces invaluable security advisories based on research of the vulnerabilities affecting any given software update. Sometimes a single update can address multiple vulnerabilities of varying criticalities and threats; but these advisories aggregate and distill findings down to a single advisory perfect for the prioritization of patching efforts within Software Vulnerability Manager. Criticality scores are consistently applied along with details around attack vector and other valuable details within Software Vulnerability Research. Illegitimate vulnerability reports are also investigated and rejected so you can focus only on what truly matters.

Informing IT, Transforming IT

**Industry insights to help keep you informed**

CVE-2010-0986: About Secunia Research | Flexera

Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error.

CVE-2010-0129: About Secunia Research | Flexera

iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.

CVE-2010-1281: About Secunia Research | Flexera

Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir file that triggers an invalid read operation.

Image

![Secunia Research](http://secunia.com/sites/default/files/2022-04/hero-secunia-research-bg.jpg)

Featured Details

**Multiple ways to consume Secunia Research**

Secunia delivers software security research that provides reliable, curated and actionable vulnerability intelligence. Organizations can expect to receive standardized, validated and enriched vulnerability research on a specific version of a software product. Secunia Research supports four solutions:

SVG

![Data Platform](http://secunia.com/sites/default/files/2022-04/icon-secunia-research-dp.svg)

**Data Platform**

Data Platform leverages Secunia Research to provide high-level insights based on major or minor versions of software in your normalized inventory

Learn More

SVG

![Flexera One](http://secunia.com/sites/default/files/2022-04/icon-secunia-research-flexera-one.svg)

**Flexera One**

Flexera One utilizes Secunia Research (alongside public NVD data) to provide more granular matching of build-level versions of software in your normalized inventory within its IT Asset Management and IT Visibility solutions

Learn More

How it works

**Accurate, reliable vulnerability insights at your fingertips**

The Secunia Research team from Flexera is comprised of several security specialists who conduct vulnerability research in various products in addition to testing, verifying and validating public vulnerability reports. Since its inception in 2002, the goal of the Secunia Research team is to provide the most accurate and reliable source of vulnerability intelligence.

Delivering the world’s best vulnerability intelligence requires skill and passion. Team members continually develop their skills exploring various high-profile closed and open-source software using a variety of approaches, focusing chiefly on thorough code audits and binary analysis. The team has received industry recognition, including naming members to Microsoft’s Most Valuable Security Researchers list.

Secunia researchers discover hard-to-find vulnerabilities that aren’t normally identified with techniques such as fuzzing, and the results have been impressive. Members of the Secunia Research team have discovered critical vulnerabilities in products from vendors including Microsoft, Symantec, IBM, Adobe, RealNetworks, Trend Micro, HP, Blue Coat, Samba, CA, Mozilla and Apple.

The team produces invaluable security advisories based on research of the vulnerabilities affecting any given software update. Sometimes a single update can address multiple vulnerabilities of varying criticalities and threats; but these advisories aggregate and distill findings down to a single advisory perfect for the prioritization of patching efforts within Software Vulnerability Manager. Criticality scores are consistently applied along with details around attack vector and other valuable details within Software Vulnerability Research. Illegitimate vulnerability reports are also investigated and rejected so you can focus only on what truly matters.

Informing IT, Transforming IT

**Industry insights to help keep you informed**

CVE-2010-0128: About Secunia Research | Flexera

Directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

CVE-2010-1717: About Secunia Research | Flexera

The XSS Filter in Microsoft Internet Explorer 8 does not properly perform neutering for the SCRIPT tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, a different issue than CVE-2009-4074.

Tag

#microsoft