Описание
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | update feature disabled |
| devel | not-affected | update feature disabled |
| feisty | not-affected | update feature disabled |
| gutsy | not-affected | update feature disabled |
| hardy | not-affected | update feature disabled |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authent ...
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
7.5 High
CVSS2