----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details:
http://secunia.com/binary_analysis/sample_analysis/

----------------------------------------------------------------------

TITLE:
Sun StarOffice/StarSuite Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA32676

VERIFY ADVISORY:
http://secunia.com/advisories/32676/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

REVISION:
1.1 originally posted 2008-11-14

SOFTWARE:
StarOffice / StarSuite 7.x
http://secunia.com/advisories/product/3062/
StarOffice / StarSuite 8.x
http://secunia.com/advisories/product/10337/

DESCRIPTION:
Sun has acknowledged some vulnerabilities in Sun
StarOffice/StarSuite, which potentially can be exploited by malicious
people to compromise a user's system.

For more information:
SA32419

The vulnerabilities are reported in StarOffice/StarSuite version 7
and 8 for the SPARC, x86, Linux, and Windows platform and StarSuite 8
Impress Standalone for the Windows platform.

SOLUTION:
Apply patches.

-- SPARC Platform --

StarOffice/StarSuite 7:
Apply product patch 13 (patch 116519-17) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116519-17-1

StarOffice 8:
Apply update 12 (patch 120185-17) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120185-17-1

StarSuite 8:
Apply update 12 (patch 120189-17) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120189-17-1

-- x86 Platform --

StarOffice/StarSuite 7:
Apply product patch 13 (patch 117073-15) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-117073-15-1

StarOffice 8:
Apply update 12 (patch 120186-17) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120186-17-1

StarSuite 8:
Apply update 12 (patch 120190-17) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120190-17-1

-- Linux Platform --

StarOffice/StarSuite 7:
Apply product patch 13 (patch 116518-17) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116518-17-1

StarOffice 8:
Apply update 12 (patch 120184-16) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120184-16-1

StarSuite 8:
Apply update 12 (patch 120188-16) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120188-16-1

-- Windows Platform --

StarOffice/StarSuite 7:
Apply product patch 13 (patch 116520-16) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116520-16-1

StarOffice 8:
Apply update 12 (patch 120187-16) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120187-16-1

StarSuite 8:
Apply update 12 (patch 120191-16) or later.
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120191-16-1

A final resolution is pending completion for Windows StarSuite 8
Impress Standalone.

CHANGELOG:
2008-11-14: Added link to "Original Advisory" section. Added CVE
reference. Updated "Title" and "Description" section.

ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-243226-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242627-1

OTHER REFERENCES:
SA32419:
http://secunia.com/advisories/32419/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------