绿盟科技NSFOCUS安全漏洞系统

安全研究

安全漏洞

OpenOffice StarCalc解析器远程栈溢出漏洞

发布日期：2006-12-15
更新日期：2007-03-22

受影响系统：

Debian Linux 3.1
OpenOffice OpenOffice 2.1
OpenOffice OpenOffice 2.0.x

描述：

BUGTRAQ  ID: 23067
CVE(CAN) ID: CVE-2007-0238

OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。

OpenOffice的StarCalc解析器实现上存在漏洞，如果用户受骗使用OpenOffice打开了恶意文档的话，就可能触发StarCalc解析器中的栈溢出，导致执行任意指令。

<*来源：Next Generation Security

  链接：http://secunia.com/advisories/24588/
        http://www.debian.org/security/2007/dsa-1270
        http://lwn.net/Alerts/227331/?format=printable
        http://lwn.net/Alerts/227330/?format=printable
        http://security.gentoo.org/glsa/glsa-200704-12.xml
*>

建议：

厂商补丁：

Debian
------
Debian已经为此发布了一个安全公告（DSA-1270-1）以及相应补丁:
DSA-1270-1：New OpenOffice.org packages fix several vulnerabilities
链接：http://www.debian.org/security/2007/dsa-1270

补丁下载：

Source archives:

http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge6.dsc
Size/MD5 checksum:     2878 6c4447f2bdd8cde4e10556eacb9aef80
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge6.diff.gz
Size/MD5 checksum:  4630152 e9d9ee838f73572836b059f8033bdb35
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3.orig.tar.gz
Size/MD5 checksum: 166568714 5250574bad9906b38ce032d04b765772

Architecture independent components:

http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-af_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2648700 9dedff380f535381ca48fc23da8c74ae
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ar_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2696106 2eebd4484da0e9a4dcbde3b01e309ba7
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ca_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2692842 e2f0cce7f7ca75c26a55b2615a0d32a2
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cs_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3587952 02a0dcfd7d36cea6433365e4c9acd00f
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cy_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2664822 176c3bd0b24dc4a0700d558e7df15ddd
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-da_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3584442 b7a8d9b8b21a152537ef71d3dce56d54
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-de_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3455220 214fd0769fb967b22521b244a5f8e412
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-el_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2742946 04c91de4bb5b2b6d453ede296693889a
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-en_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3527040 738553a6850160b374d36b7a83f79370
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-es_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3563372 db130e40120c69626e950063eee07a3d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-et_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2646546 5ebb68935e9a3eba761cc2574717339c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-eu_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2670434 ed48f9c2f37fed09f741ce4f8a690bc5
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-fi_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2675206 5f7d1dcd9a1e3ee8c9582da53300e8f4
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-fr_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3496040 b65004e7d70e0bc6b94ce5fcba33f21c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-gl_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2659162 dc858e988c2025cc37b76d1b21d400b8
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-he_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2661416 d3ad4533667aa90f52bed28b1525437c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hi_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2697048 b84ec1f9fa2561e4c2f344b6d6052986
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hu_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2772632 fcb6b507ff92c95c94a85f471a0fa522
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-it_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3557364 ed6dcc2203bb3329ce98c4e626a9ffa7
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ja_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3564910 59cbed0cba5644f4f428fa9cb5551c2d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-kn_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2686506 a7aa7937a1818cb63537746e961c2072
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ko_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3541338 a411e36d9d06b844628a1bbce51508f1
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-lt_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2673870 8899a3bddb951b8affe9b68774d22cb5
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nb_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2665700 dadd04e21d730a0eda273205d8b0e506
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nl_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3561748 6807bb01d7c2bef00c393128d7948da4
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nn_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2665678 08076bb0916dd8d702b0ac6a6b582aba
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ns_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2667602 8cd2a2fd1544772908a239fcf81d5057
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-pl_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3241012 ffa736fab57309f09cf269316c2be189
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-pt-br_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3527818 b97751305b37e48e99e76eff3a684239
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-pt_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3164122 4aa344cc3da0d600bbf7a37f6d161df9
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ru_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3333266 b5c3466e4f6df17431cfe57840da8da4
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-sk_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3604862 1c9e35a8b63c9cff2a7ac25f9613cbf9
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-sl_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3600626 0802e8e76b4f13e0c8c426051d3d19b0
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-sv_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3543964 7c75870c1e87da21750175c9347b1e17
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-th_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2689868 2df2a8205355c4081f5b41f1a8a23485
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-tn_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2652696 6aee58cf724a13ae07ffcb2d52b4fde6
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-tr_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2895216 99f03f68a8046edbf56faf2d75d82edd
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-zh-cn_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3554128 bf3e1b409a3779b7f3dac854dbd878b3
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-zh-tw_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3549590 ce73373dbc4b1598d01596ab3ac91a96
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-zu_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  2673534 06ae86a2e873845cf08e9fff5d23ff6a
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-mimelnk_1.1.3-9sarge6_all.deb
Size/MD5 checksum:    67534 56b5d2fe567a33bd5d208e0f179b4410
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-thesaurus-en-us_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  3131362 f1e269dc8d5cd27099e3c1db7bd15c8d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge6_all.deb
Size/MD5 checksum:  6852372 c2c23a8406b9890521f87716585e0fd4
http://security.debian.org/pool/updates/main/o/openoffice.org/ttf-opensymbol_1.1.3-9sarge6_all.deb
Size/MD5 checksum:   137464 6f58470f00a2ec8c27ab98e875de956c

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge6_i386.deb
Size/MD5 checksum: 41473388 b280f888e5a84c12e359e7f6830a81a7
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge6_i386.deb
Size/MD5 checksum:  1857594 e54523506eb611fa23e758161cf250b0
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge6_i386.deb
Size/MD5 checksum:   164856 f1809a564e47ee6cf1af37883fe91108
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge6_i386.deb
Size/MD5 checksum:   160390 6a214287121ed3d1a03c2b3efbd3950e
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge6_i386.deb
Size/MD5 checksum:   144378 87bff29447ba1026c8ea6a2cb56dc406

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge6_powerpc.deb
Size/MD5 checksum: 39929566 545ef69eda0f41c93c1e09a3f2ff2efa
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge6_powerpc.deb
Size/MD5 checksum:  1865952 828b0ce16533bb417a593edbcda9deac
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge6_powerpc.deb
Size/MD5 checksum:   161836 8ccbd9c932eb05eb6cc79fd84759d5f2
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge6_powerpc.deb
Size/MD5 checksum:   159046 bca17d24d59e847fc46e3ce3847a1a75
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge6_powerpc.deb
Size/MD5 checksum:   142544 dd2356f4c0d924006a8340b4ac42ac76

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge6_s390.deb
Size/MD5 checksum: 42752608 21b8a45df2205e8193977539d79df845
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge6_s390.deb
Size/MD5 checksum:  1853012 fc6d24bf76d4967999edb066e585dd0c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge6_s390.deb
Size/MD5 checksum:   167062 43ea44833535e55c4593d4c66a6b887a
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge6_s390.deb
Size/MD5 checksum:   166918 cfd508737ce96134e2f1f4e6969cde3c
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge6_s390.deb
Size/MD5 checksum:   145564 e7fc82f32d149e99be23a85a5eae3f60

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-bin_1.1.3-9sarge6_sparc.deb
Size/MD5 checksum: 40804962 5ea6fa0ce8f275db0e841db5e46a3956
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-dev_1.1.3-9sarge6_sparc.deb
Size/MD5 checksum:  1847980 713150289b2908fd6a4cc98b13293ac3
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-evolution_1.1.3-9sarge6_sparc.deb
Size/MD5 checksum:   168226 181d3b7efbdc3decebc5d605c386af14
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-gtk-gnome_1.1.3-9sarge6_sparc.deb
Size/MD5 checksum:   158594 ba8b7b9491cfd6295afac1e49d87c704
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-kde_1.1.3-9sarge6_sparc.deb
Size/MD5 checksum:   140106 9ab2c61b292603df23efc2a7c3eb7867

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update

   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

RedHat
------
RedHat已经为此发布了安全公告（RHSA-2007:0033-01，RHSA-2007:0069-01）以及相应补丁:
RHSA-2007:0033-01：Important: openoffice.org security update
链接：http://lwn.net/Alerts/227330/?format=printable
RHSA-2007:0069-01：Important: openoffice.org security update
链接：http://lwn.net/Alerts/227331/?format=printable

Gentoo
------
Gentoo已经为此发布了一个安全公告（GLSA-200704-12）以及相应补丁:
GLSA-200704-12：OpenOffice.org: Multiple vulnerabilities
链接：http://security.gentoo.org/glsa/glsa-200704-12.xml

所有OpenOffice.org用户都应升级到最新版本：

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=3Dapp-office/openoffice-2.1.0-r1"

所有OpenOffice.org二进制程序用户都应升级到最新版本：

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=3Dapp-office/openoffice-bin-2.2.0"

浏览次数：5108
严重程度：0（网友投票）

本安全漏洞由绿盟科技翻译整理，版权所有，未经许可，不得转载
绿盟科技给您安全的保障

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客