Vulnerability Name:

CVE-2007-0238 (CCN-33112)

Assigned:2007-03-20
Published:2007-03-20
Updated:2018-10-16
Summary:Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-0238

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:023

Source: CCN
Type: RHSA-2007-0033
Important: openoffice.org security update

Source: CCN
Type: RHSA-2007-0069
Important: openoffice.org security update

Source: SECUNIA
Type: Vendor Advisory
24465

Source: SECUNIA
Type: Vendor Advisory
24550

Source: CCN
Type: SA24588
OpenOffice.org Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
24588

Source: SECUNIA
Type: Vendor Advisory
24613

Source: CCN
Type: SA24646
StarOffice Two Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
24646

Source: SECUNIA
Type: Vendor Advisory
24647

Source: SECUNIA
Type: Vendor Advisory
24676

Source: SECUNIA
Type: Vendor Advisory
24810

Source: SECUNIA
Type: Vendor Advisory
24906

Source: CCN
Type: SECTRACK ID: 1017799
OpenOffice.org Office Suite Bugs Let Remote Users Execute Arbitrary Code or Shell Commands

Source: CCN
Type: Sun Alert ID: 102794
Due to a Security Vulnerability in StarOffice, Manipulated StarCalc 1.0 Files May Allow Arbitrary Code Execution

Source: SUNALERT
Type: UNKNOWN
102794

Source: CCN
Type: ASA-2007-150
Due to a Security Vulnerability in StarOffice Manipulated StarCalc 1.0 Files May Allow Arbitrary Code Execution (Sun 102794)

Source: CCN
Type: ASA-2007-284
OpenOffice.org security update (RHSA-2007-0033)

Source: DEBIAN
Type: Vendor Advisory
DSA-1270

Source: DEBIAN
Type: DSA-1270
openoffice.org -- several vulnerabilities

Source: CCN
Type: GLSA-200704-12
OpenOffice.org: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200704-12

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:073

Source: MISC
Type: UNKNOWN
http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/

Source: CCN
Type: OpenOffice.org Web site
OpenOffice.org: Home

Source: CONFIRM
Type: UNKNOWN
http://www.openoffice.org/security/CVE-2007-0238

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0033

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0069

Source: BUGTRAQ
Type: UNKNOWN
20070404 High Risk Vulnerability in OpenOffice

Source: BID
Type: UNKNOWN
23067

Source: CCN
Type: BID-23067
OpenOffice StarCalc Parser Unspecified Buffer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1017799

Source: CCN
Type: USN-444-1
OpenOffice.org vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-444-1

Source: VUPEN
Type: Vendor Advisory
ADV-2007-1032

Source: VUPEN
Type: Vendor Advisory
ADV-2007-1117

Source: XF
Type: UNKNOWN
openoffice-starcalc-bo(33112)

Source: XF
Type: UNKNOWN
openoffice-starcalc-bo(33112)

Source: CONFIRM
Type: UNKNOWN
https://issues.foresightlinux.org/browse/FL-211

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1118

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:8968

Source: SUSE
Type: SUSE-SA:2007:023
OpenOffice_org security update

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openoffice:openoffice:*:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:sun:staroffice:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:sun:staroffice:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:openoffice:openoffice.org:*:*:*:*:*:*:*:*
  • OR cpe:/a:sun:staroffice:8.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20070238
    V
    		CVE-2007-0238
    2022-06-30
    oval:org.opensuse.security:def:112807
    P
    		libreoffice-7.1.5.2-3.13 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106276
    P
    		libreoffice-7.1.5.2-3.13 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:26107
    P
    		Security update for openssl-1_0_0 (Important)
    2021-08-24
    oval:org.opensuse.security:def:26104
    P
    		Security update for libcares2 (Important)
    2021-08-16
    oval:org.opensuse.security:def:36479
    P
    		libreoffice-4.0.3.3.26-0.10.2 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36482
    P
    		libreoffice-testtool-3.4.5.5-0.3.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:26043
    P
    		Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:26040
    P
    		Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:26032
    P
    		Security update for sudo (Important)
    2021-04-20
    oval:org.opensuse.security:def:26029
    P
    		Security update for the Linux Kernel (Important)
    2021-04-15
    oval:org.opensuse.security:def:26028
    P
    		Security update for xorg-x11-server (Important)
    2021-04-13
    oval:org.opensuse.security:def:26031
    P
    		Security update for php74 (Moderate)
    2021-01-14
    oval:org.opensuse.security:def:26457
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:26232
    P
    		Security update for openconnect (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26804
    P
    		perl-HTML-Parser on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26661
    P
    		OpenEXR on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26370
    P
    		Security update for mbedtls (Important)
    2020-12-01
    oval:org.opensuse.security:def:27477
    P
    		libreoffice on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26749
    P
    		libgtop on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26605
    P
    		libtiff3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26235
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26807
    P
    		perl-spamassassin on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26707
    P
    		glib2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26373
    P
    		Security update for ffmpeg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27480
    P
    		libreoffice-testtool on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26760
    P
    		libpoppler-glib4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26608
    P
    		libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26313
    P
    		Security update for python-requests (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27442
    P
    		libevent-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26710
    P
    		gnome-screensaver on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26454
    P
    		Security update for python-Jinja2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26763
    P
    		libqt4-sql-mysql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26658
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26316
    P
    		Recommended update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:27445
    P
    		libexpat-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26746
    P
    		libfreebl3 on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:22523
    P
    		ELSA-2007:0069: openoffice.org security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:8968
    V
    		Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note.
    2013-04-29
    oval:org.debian:def:1270
    V
    		several vulnerabilities
    2013-01-21
    oval:com.redhat.rhsa:def:20070033
    P
    		RHSA-2007:0033: openoffice.org security update (Important)
    2008-03-20
    oval:com.redhat.rhsa:def:20070069
    P
    		RHSA-2007:0069: openoffice.org security update (Important)
    2007-03-22
    BACK
    openoffice openoffice *
    sun staroffice 6.0
    sun staroffice 7.0
    openoffice openoffice.org *
    sun staroffice 8.0
    gentoo linux *
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    suse suse linux 10.0
    canonical ubuntu 6.06
    suse suse linux 10.1
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    novell opensuse 10.2
    suse suse linux 9.3