CVE-2008-4937

Publication date 5 November 2008

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file.

Read the notes from the security team

Status

Package Ubuntu Release Status
openoffice.org 8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 1:2.4.1-1ubuntu2.1
7.10 gutsy
Not affected
6.06 LTS dapper
Not affected

Notes

jdstrand

affected code not present in Ubuntu 6.06 LTS and 7.10

References

Related Ubuntu Security Notices (USN)

    • USN-677-1
    • OpenOffice.org vulnerabilities
    • 26 November 2008

Other references