openoffice.org: CVE-2007-4575 possibly arbitrary code execution through crafted database files

Related Vulnerabilities: CVE-2007-4575  

Debian Bug report logs - #454463

Package: openoffice.org; Maintainer for openoffice.org is (unknown);

Reported by: Nico Golde <nion@debian.org>

Date: Wed, 5 Dec 2007 12:51:19 UTC

Severity: grave

Tags: security

Found in versions openoffice.org/2.2.1-10, openoffice.org/1:2.3.0.dfsg-1, openoffice.org/2.0.4.dfsg.2-7etch4

Fixed in versions 1:2.3.1~rc1-1, 2.0.4.dfsg.2-7etch4

Done: Rene Engelhard <rene@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian OpenOffice Team <debian-openoffice@lists.debian.org>:
Bug#454463; Package openoffice.org.


Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Debian OpenOffice Team <debian-openoffice@lists.debian.org>.


Message #5 received at submit@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: openoffice.org: CVE-2007-4575 possibly arbitrary code execution through crafted database files
Date: Wed, 5 Dec 2007 13:42:33 +0100
Package: openoffice.org
Severity: grave
Tags: security

Hi Rene,
the following CVE (Common Vulnerabilities & Exposures) id was
published for openoffice.org.

CVE-2007-4575[0]:
| Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
| Synopsis: users opening specially crafted database documents may allow
| attackers to execute arbitrary static Java code
| State: Resolved
| 1. Impact
| 
| A security vulnerability in HSQLDB, the default database engine shipped with
| OpenOffice.org 2 (all versions), may allow attackers to execute arbitrary
| static Java code, by manipulating database documents to be opened by a user.
| 2. Affected releases
| 
| All versions prior to OpenOffice.org 2.3.1
| 3. Symptoms
| 
| There are no predictable symptoms that would indicate this issue has occurred
| 4. Relief/Workaround
| 
| There is no workaround. See "Resolution" below.
| 5. Resolution
| 
| This issue is addressed in the following releases:
| 
| HSQLDB 1.8.0.9 / OpenOffice.org 2.3.1

If you fix this vulnerability please also include the CVE id
in your changelog entry.

For further information:
[0] http://www.openoffice.org/security/cves/CVE-2007-4575.html

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
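The advisory quoted in the report above says only that a crafted database document can make the embedded HSQLDB engine run static Java code; it gives no way to triage a suspect file. The following is an added example, not part of this bug report and not code from the OpenOffice.org or HSQLDB projects: a Python script that opens an .odb file (a ZIP container) and flags SQL in the embedded HSQLDB script that names Java classes, either directly as a double-quoted fully qualified method name or through CREATE ALIAS. The member path database/script, the HSQLDB 1.8 call syntax the regular expressions look for, and the two sample documents built in memory are my assumptions; the heuristic is a triage aid, not a complete detector, and the actual remedy remains HSQLDB 1.8.0.9 / OpenOffice.org 2.3.1.

```python
import io
import re
import sys
import zipfile

# Assumed location of the embedded HSQLDB SQL script inside an .odb container.
SCRIPT_MEMBER = 'database/script'

# Heuristics (my assumptions, not from the advisory): HSQLDB 1.8 lets SQL name a
# static Java method as a double-quoted fully qualified identifier, e.g.
# "java.lang.System.getProperty", either inline or via CREATE ALIAS name FOR "...".
JAVA_REF_RE = re.compile(r'"((?:java|javax|sun|com|org)\.[A-Za-z0-9_$]+(?:\.[A-Za-z0-9_$]+)+)"')
CREATE_ALIAS_RE = re.compile(r'\bCREATE\s+ALIAS\s+(\w+)\s+FOR\b', re.IGNORECASE)


def build_sample_odb(script_lines):
    """Construct a minimal .odb-like ZIP in memory (test fixture, not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, 'w', zipfile.ZIP_DEFLATED) as zf:
        zf.writestr('mimetype', 'application/vnd.oasis.opendocument.base')
        zf.writestr(SCRIPT_MEMBER, '\n'.join(script_lines) + '\n')
    return buf.getvalue()


def scan_odb(data):
    """Return (line_no, kind, detail) findings for the embedded script of one .odb blob."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        if SCRIPT_MEMBER not in zf.namelist():
            return findings  # no embedded HSQLDB script, nothing is replayed on open
        script = zf.read(SCRIPT_MEMBER).decode('utf-8', errors='replace')
    for no, line in enumerate(script.splitlines(), 1):
        alias = CREATE_ALIAS_RE.search(line)
        if alias:
            findings.append((no, 'create-alias', alias.group(1)))
        for m in JAVA_REF_RE.finditer(line):
            findings.append((no, 'java-method-ref', m.group(1)))
    return findings


def is_suspicious(data):
    """True if any Java class reference or alias definition was found in the script."""
    return bool(scan_odb(data))


# Constructed samples: ordinary Base table DDL versus a script that binds and calls
# a static Java method (a harmless one, to show the pattern the scanner keys on).
BENIGN = build_sample_odb([
    'CREATE SCHEMA PUBLIC AUTHORIZATION DBA',
    'CREATE CACHED TABLE "Customers"("ID" INTEGER NOT NULL PRIMARY KEY,"Name" VARCHAR(50))',
    "SET TABLE \"Customers\" INDEX'0'",
])
CRAFTED = build_sample_odb([
    'CREATE SCHEMA PUBLIC AUTHORIZATION DBA',
    'CREATE ALIAS GETPROP FOR "java.lang.System.getProperty"',
    'CREATE VIEW "Home" AS SELECT "java.lang.System.getProperty"(\'user.home\') AS "H" FROM "Customers"',
])


def read_file(path):
    with open(path, 'rb') as fh:
        return fh.read()


if __name__ == '__main__':
    # Usage: python scan_odb.py file1.odb file2.odb ...; without arguments, run the samples.
    targets = {p: read_file(p) for p in sys.argv[1:]} or {'BENIGN sample': BENIGN, 'CRAFTED sample': CRAFTED}
    for name, blob in targets.items():
        verdict = 'SUSPICIOUS' if is_suspicious(blob) else 'clean'
        print(name, verdict)
        for no, kind, detail in scan_odb(blob):
            print('  line %d: %s %s' % (no, kind, detail))
```

A clean verdict from this script is not proof of safety: it only inspects the SQL script member, so a document that reaches Java through a path the regexes do not cover will pass. Treat a hit as a reason not to open the file in a vulnerable OpenOffice.org, and treat the upgrade as the fix.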

Information forwarded to debian-bugs-dist@lists.debian.org, Debian OpenOffice Team <debian-openoffice@lists.debian.org>:
Bug#454463; Package openoffice.org.


Acknowledgement sent to Rene Engelhard <rene@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenOffice Team <debian-openoffice@lists.debian.org>.


Message #10 received at 454463@bugs.debian.org:

From: Rene Engelhard <rene@debian.org>
To: Nico Golde <nion@debian.org>, 454463@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Re: Bug#454463: openoffice.org: CVE-2007-4575 possibly arbitrary code execution through crafted database files
Date: Wed, 5 Dec 2007 14:10:55 +0100
found 454463 2.0.4.dfsg-7etch4
close 454463 2.0.4.dfsg-7etch4
found 454463 2.2.1-10
found 454463 1:2.3.0.dfsg-1
close 454463 1:2.3.1~rc1-1
thanks

Hi,

Nico Golde wrote:
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for openoffice.org.
> 
> CVE-2007-4575[0]:
> | Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
> | Synopsis: users opening specially crafted database documents may allow
> | attackers to execute arbitrary static Java code
> | State: Resolved
> | 1. Impact
> | 
> | A security vulnerability in HSQLDB, the default database engine shipped with
> | OpenOffice.org 2 (all versions), may allow attackers to execute arbitrary
> | static Java code, by manipulating database documents to be opened by a user.
> | 2. Affected releases
> | 
> | All versions prior to OpenOffice.org 2.3.1
> | 3. Symptoms
> | 
> | There are no predictable symptoms that would indicate this issue has occurred
> | 4. Relief/Workaround
> | 
> | There is no workaround. See "Resolution" below.
> | 5. Resolution
> | 
> | This issue is addressed in the following releases:
> | 
> | HSQLDB 1.8.0.9 / OpenOffice.org 2.3.1
> 
> If you fix this vulnerability please also include the CVE id
> in your changelog entry.
> 
> For further information:
> [0] http://www.openoffice.org/security/cves/CVE-2007-4575.html

Yep. Already known to me since Oct 04 :)

The version in experimental (and hsqldb 1.8.0.9-x) is fixed. 1:2.3.1-1
hangs in NEW, though (it will add the CVE mention to 1:2.3.1~rc1-1's
changelog).

Joey already has fixed versions for etch (-7etch4); just the DSA needs
sending out.

Closing with the appropriate versions.

Grüße/Regards,

René
-- 
 .''`.  René Engelhard -- Debian GNU/Linux Developer
 : :' : http://www.debian.org | http://people.debian.org/~rene/
 `. `'  rene@debian.org | GnuPG-Key ID: 248AEB73
   `-   Fingerprint: 41FA F208 28D4 7CA5 19BB  7AD9 F859 90B0 248A EB73


Bug marked as found in version 2.0.4.dfsg-7etch4. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:12:07 GMT)

Bug marked as fixed in version 2.0.4.dfsg-7etch4, send any further explanations to Nico Golde <nion@debian.org>. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:12:08 GMT)

Bug marked as found in version 2.2.1-10 and reopened. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:12:08 GMT)

Bug marked as found in version 1:2.3.0.dfsg-1. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:12:09 GMT)

Bug marked as fixed in version 1:2.3.1~rc1-1, send any further explanations to Nico Golde <nion@debian.org>. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:12:10 GMT)

Bug no longer marked as found in version 2.0.4.dfsg-7etch4. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:24:06 GMT)

Bug no longer marked as fixed in version 2.0.4.dfsg-7etch4. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:24:07 GMT)

Bug marked as found in version 2.0.4.dfsg.2-7etch4. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:24:09 GMT)

Bug marked as fixed in version 2.0.4.dfsg.2-7etch4, send any further explanations to Nico Golde <nion@debian.org>. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org. (Wed, 05 Dec 2007 13:24:10 GMT)

Bug marked as found in version 2.0.4.dfsg.2-7etch4. Request was from rene.engelhard@gmx.de (Rene Engelhard) to control@bugs.debian.org. (Wed, 05 Dec 2007 15:33:05 GMT)

Bug no longer marked as fixed in version 1:2.3.0.dfsg-3. Request was from rene.engelhard@gmx.de (Rene Engelhard) to control@bugs.debian.org. (Mon, 10 Dec 2007 10:00:04 GMT)

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 06 Feb 2008 07:33:00 GMT)


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:06:59 2019; Machine Name: buxtehude
