Page 1 of 1

Security CVE-2007-4575

PostPosted: Wed Dec 12, 2007 4:12 pm
by BIOSbvba
Hello,

We have OO installed in our company without the Base module (so only Writer, Impress, Calc and Draw). We want to know if our pc's are vulnerable for the arbitrary code execution in 3rd party module (HSQLDB) if we don't have the database module installed. There is a file hsqldb2.dll installed, but how can we run an extension if Base is not installed?

We run OO on W2K and XP pc's.

Regards

Re: Security CVE-2007-4575

PostPosted: Sun Jan 13, 2008 5:34 pm
by TerryE
I assume that you are referring to http://www.frsirt.com/english/advisorie ... 2/solution et al. AS long as HSQLDB is not configured as a service and you are running OOo 2.3.1 this vulnerability is closed.