fkie_cve-2008-3437
Vulnerability from fkie_nvd
Published
2008-08-01 14:41
Modified
2024-11-21 00:49
Severity ?
Summary
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html
cve@mitre.orghttp://securitytracker.com/id?1020583
cve@mitre.orghttp://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf
cve@mitre.orghttp://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1020583
af854a3a-2127-422b-91ae-364da2661108http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz
Impacted products
Vendor Product Version
openoffice openoffice.org 1.1.5
openoffice openoffice.org 2.0
openoffice openoffice.org 2.0.2
openoffice openoffice.org 2.0.3
openoffice openoffice.org 2.0.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice.org:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E697B8A3-447B-4D7B-A02B-191119453CCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice.org:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45DD57AC-8CA4-48DB-90F9-2D7260AB7650",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice.org:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C065AAB-58E3-4312-AD74-A3E103AC73DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice.org:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9487A325-308D-442A-89A9-E8650925F43F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice.org:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B493F3-833A-47E9-AB60-BE2D635EF8AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning."
    },
    {
      "lang": "es",
      "value": "OpenOffice.org (OOo) anterior a 2.1.0 no verifica adecuadamente la autenticidad de las actualizaciones, lo cual permite a a atacantes de tipo \u0027hombre en el medio\u0027 (man-in-the-middle) ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de la actualizaci\u00f3n de un Caballo de Troya, como se demuestra por el grado de da\u00f1o y el envenenamiento de la cach\u00e9 DNS."
    }
  ],
  "id": "CVE-2008-3437",
  "lastModified": "2024-11-21T00:49:15.197",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-01T14:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1020583"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of OpenOffice.org as shipped with Red Hat Enterprise Linux 3, 4, or 5. The updated Red Hat Enterprise Linux packages are not distributed via the openoffice.org update service, but rather via Red Hat Network, using the package manager capabilities to verify authenticity of updates.",
      "lastModified": "2008-08-04T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.