Description
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.
Affected products
- openoffice / openoffice1.1.2 – 1.1.2
References
- MISChttp://www.securityfocus.com/bid/11151
- VENDOR_ADVISORYhttp://secunia.com/advisories/12302/
- MISChttp://www.osvdb.org/9804
- VENDOR_ADVISORYhttp://secunia.com/advisories/12546/
- MISChttp://www.redhat.com/support/errata/RHSA-2004-446.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/12668/
- MAILING_LISThttp://marc.info/?l=bugtraq&m=109483308421566&w=2
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10294
- MISChttp://www.openoffice.org/issues/show_bug.cgi?id=33357
- VENDOR_ADVISORYhttp://secunia.com/advisories/12914/
- VENDOR_ADVISORYhttp://secunia.com/advisories/12932/
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/17312
- MISChttp://securitytracker.com/id?1011205