Debian Linux 3.1描述:
OpenOffice OpenOffice 2.1
BUGTRAQ ID: 22812
CVE(CAN) ID: CVE-2007-0239
OpenOffice是个整合性的软件,包含了许多文字处理、表格、公式等办公工具。
OpenOffice没有正确地转义Shell元字符,如果用户受骗打开了恶意文档并点击了其中链接的话,就可能导致注入并执行任意shell命令。
<*来源:Debian
链接:http://secunia.com/advisories/24588/
http://www.debian.org/security/2007/dsa-1270
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1270-1)以及相应补丁:
DSA-1270-1:New OpenOffice.org packages fix several vulnerabilities
链接:http://www.debian.org/security/2007/dsa-1270
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge6.dsc
Size/MD5 checksum: 2878 6c4447f2bdd8cde4e10556eacb9aef80
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge6.diff.gz
Size/MD5 checksum: 4630152 e9d9ee838f73572836b059f8033bdb35
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3.orig.tar.gz
Size/MD5 checksum: 166568714 5250574bad9906b38ce032d04b765772
Architecture independent components:
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-af_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2648700 9dedff380f535381ca48fc23da8c74ae
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ar_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2696106 2eebd4484da0e9a4dcbde3b01e309ba7
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ca_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2692842 e2f0cce7f7ca75c26a55b2615a0d32a2
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cs_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 3587952 02a0dcfd7d36cea6433365e4c9acd00f
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cy_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2664822 176c3bd0b24dc4a0700d558e7df15ddd
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-da_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 3584442 b7a8d9b8b21a152537ef71d3dce56d54
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-de_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 3455220 214fd0769fb967b22521b244a5f8e412
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-el_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2742946 04c91de4bb5b2b6d453ede296693889a
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-en_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 3527040 738553a6850160b374d36b7a83f79370
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-es_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 3563372 db130e40120c69626e950063eee07a3d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-et_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2646546 5ebb68935e9a3eba761cc2574717339c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-eu_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2670434 ed48f9c2f37fed09f741ce4f8a690bc5
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-fi_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2675206 5f7d1dcd9a1e3ee8c9582da53300e8f4
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-fr_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 3496040 b65004e7d70e0bc6b94ce5fcba33f21c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-gl_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2659162 dc858e988c2025cc37b76d1b21d400b8
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-he_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2661416 d3ad4533667aa90f52bed28b1525437c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hi_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2697048 b84ec1f9fa2561e4c2f344b6d6052986
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hu_1.1.3-9sarge6_all.deb
Size/MD5 checksum: 2772632 fcb6b507ff92c95c94a85f471a0fa522
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-it_1.1.3-9sarge6_all.deb
