Security CVE-2007-4575

Talk about anything at all....

Security CVE-2007-4575

Postby BIOSbvba » Wed Dec 12, 2007 4:12 pm

Hello,

We have OO installed in our company without the Base module (so only Writer, Impress, Calc and Draw). We want to know if our pc's are vulnerable for the arbitrary code execution in 3rd party module (HSQLDB) if we don't have the database module installed. There is a file hsqldb2.dll installed, but how can we run an extension if Base is not installed?

We run OO on W2K and XP pc's.

Regards
BIOSbvba
 
Posts: 4
Joined: Wed Dec 12, 2007 3:48 pm

Re: Security CVE-2007-4575

Postby TerryE » Sun Jan 13, 2008 5:34 pm

I assume that you are referring to http://www.frsirt.com/english/advisorie ... 2/solution et al. AS long as HSQLDB is not configured as a service and you are running OOo 2.3.1 this vulnerability is closed.
Ubuntu 11.04-x64 + LibreOffice 3 and MS free except the boss's Notebook which runs XP + OOo 3.3.
TerryE
Volunteer
 
Posts: 1402
Joined: Sat Oct 06, 2007 10:13 pm
Location: UK


Return to General Discussion

Who is online

Users browsing this forum: Exabot [Bot] and 3 guests