bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[USN-388-1] KOffice vulnerability

from [Kees Cook] [Permanent Link][Original]
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-388-1] KOffice vulnerability
From: Kees Cook <kees@ubuntu.com>
Date: Wed, 29 Nov 2006 13:29:32 -0800
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Delivered-to: sp-com-lists@consult.net
Delivered-to: bugtraq-list@securepoint.com
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm
Organization: Ubuntu 
=========================================================== 
Ubuntu Security Notice USN-388-1          November 29, 2006
koffice vulnerability
CVE-2006-6120
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  koffice-libs                             1:1.4.1-0ubuntu7.4

After a standard system upgrade you need to restart your Desktop session 
to effect the necessary changes.

Details follow:

An integer overflow was discovered in KOffice's filtering code.  By 
tricking a user into opening a specially crafted PPT file, attackers 
could crash KOffice or possibly execute arbitrary code with the user's 
privileges.


Updated packages for Ubuntu 5.10:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.4.1-0ubuntu7.4.diff.gz
      Size/MD5:    68701 00932ef9fcfa1d04bdcd3d02399e6b54
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.4.1-0ubuntu7.4.dsc
      Size/MD5:     1048 9afa7821978d0a695ccdac7db1eb3e58
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.4.1.orig.tar.gz
      Size/MD5: 21026614 9e214aef83d2a9a6485a831a67b7bcfa

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.4.1-0ubuntu7.4_all.deb
      Size/MD5:   634772 7fd40e05783a3d9546534195c66648f8
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.4.1-0ubuntu7.4_all.deb
      Size/MD5:   688372 19dbb2fc1879c35b5a059d53313946ce
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.4.1-0ubuntu7.4_all.deb
      Size/MD5:   326300 2c25ae3bd2059a0df6f70bf548b29454
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.4.1-0ubuntu7.4_all.deb
      Size/MD5:    22892 d68438ea3a5948dc30dd595abc4bc323

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   433004 93fa7fdb2ccdf62436a0a3ffc30d4653
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   960898 eddbfe366d1fff0c5d3d57746a6a3d36
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   707762 f21e7cc05b1362495dc4205de91836a1
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   167020 e547f4cd0296e704d21a655ed6c70ed0
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   178454 6885ee6e6db8568fe2e2a31cb24de2f1
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:  5552572 9c517913e9b7767472927543bf94bf3c
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   106670 c17f47264ec277cfab98591612f58d48
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:  2895504 256232cc7b38ded14892ae87315c5009
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:  2574826 de98505de6899025707ae849633adc3f
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:  1034992 1c21071eeaca6a441de4a045785e64ed
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   327320 e88c8aac476d63ed0bc9e9ce4b2c1e0a
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:   481400 9160377c8719abe32abb55cbbfe8d2f5
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.4.1-0ubuntu7.4_amd64.deb
      Size/MD5:  5736518 67e268b62aef4a788260ec46910bd970

  i386 architecture (x86 compatible Intel/AMD)

    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   377394 97d295c575ac98c298a59ead1189def4
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   954852 94bbe0f51a198b020cdd7f6786648aa0
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   701352 80b333ec3aa6ec5c1b51f0a8dc5ede3e
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   153312 f26df7570623906502ff33853e7162e4
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   178460 5322a94138cfe9a6f0c3b1c6a729a992
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:  4949830 c90d916c41c1c2119853a0fadd25a3bd
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   101200 24dbfe4d12bd4efcf89f73a02ee992ff
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:  2786100 9bc56c55021de36b2c11f99723ab3188
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:  2495444 857a4bf9fc8c520ecc01fb408644a8e9
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   967028 699df680dbb7ce1eab59ac96ee98f9cd
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   322374 72f22887c75ed2bc9a36c7b0c62a3e86
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:   449560 deb912f53797b36bd78e65a81ae949a8
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.4.1-0ubuntu7.4_i386.deb
      Size/MD5:  5463188 6ac4849bd415571b236364cb728d3fa6

  powerpc architecture (Apple Macintosh G3/G4/G5)

    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   430582 f48450e917cf6aeccb536054ba890cc6
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   965060 0d03528b35c2d19089cc06205dc878fe
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   706386 d40def53afb5a74e2df3473008dfa91b
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   170472 2c1dbcf8b85434c1a18807ecf4c9c1bd
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   178450 0011685fe0961eb97505a56aa02b6489
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:  5218554 96e1c309e419c0394b91a89d8112e9df
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   105184 378a189a9a1907ed4a1eb626ade6c591
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:  2831236 11e394a926e1f886f952bd6ebc76b0a7
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:  2539898 4649a0d16765302f2ae57834dab875c6
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   996450 057b0926d976e4fc622b2a2f0b599037
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   329264 e5de058fccffb07fbe61f523bd069246
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:   466704 13356452d0ddc84ba53b4858321e42f3
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.4.1-0ubuntu7.4_powerpc.deb
      Size/MD5:  5618448 803242e6ff1ee5bfe6fcdcfbfdadcf8c

  sparc architecture (Sun SPARC/UltraSPARC)

    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   384438 71a480d5c3fe9bb5ae737db61acda456
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   956294 eeaec4aada765ce4dee7138760d1b6bf
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   701392 a7330a78760f62f711343961f31675f1
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   151282 184c6d96e4e7f7a25c2714cf0d91382d
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   178472 abd1b00aad73a814063b7081fb20ddc1
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:  5099614 9d7cd91aa01ff45d9be2a1f23a8fbe9b
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   101434 62b2d2be3d9efa1d4300ab2f2081eaa8
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:  2814930 be78c646f7517399dd3dc665b6f8b3ef
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:  2505104 245e4436a592136dbf90a64e01430c49
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   976878 696fa0b29047b2dcde1274f027e1db4e
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   322878 c5f6c230f001041ca02f8330edb3f64f
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:   449936 62e05f34fecff064852d405c7556e543
    
http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.4.1-0ubuntu7.4_sparc.deb
      Size/MD5:  5533476 14a6ed4aad576147a47dc938a1389511

Attachment: signature.asc
Description: Digital signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [USN-388-1] KOffice vulnerability, Kees Cook <=
Previous by Date:  Re: PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability, Stuart Moore
Next by Date:  Potentially OT: AJAX article, clappymonkey
Previous by Thread:  [Aria-Security Team] FipsSHOP SQL Injection, Advisory
Next by Thread:  Potentially OT: AJAX article, clappymonkey
Indexes:  [Date] [Thread] [Top] [All Lists]