RHSA-2010-0459: openoffice.org2-base

NASLDB: RHSA-2010-0459: openoffice.org2-base

General

ID: 46835
Name: RHSA-2010-0459: openoffice.org2-base

Summary: Check for the version of the openoffice.org2-base packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Red Hat Local Security Checks
Type: Local

Description

Updated openoffice.org packages that fix one security issue are now
available for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

OpenOffice.org is an office productivity suite that includes desktop
applications, such as a word processor, spreadsheet application,
presentation manager, formula editor, and a drawing program.

A flaw was found in the way OpenOffice.org enforced a macro security
setting for macros, written in the Python scripting language, that were
embedded in OpenOffice.org documents. If a user were tricked into opening
a specially-crafted OpenOffice.org document and previewed the macro
directory structure, it could lead to Python macro execution even if macro
execution was disabled. (CVE-2010-0395)

All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. For Red
Hat Enterprise Linux 4, this erratum provides updated openoffice.org2
packages. For Red Hat Enterprise Linux 5, this erratum provides updated
openoffice.org packages. All running instances of OpenOffice.org
applications must be restarted for this update to take effect.