(CVE-2022-47052) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version Solution Upgrade to Apache OpenOffice version 4.1.14 or later. In the affected versions of OpenOffice, approval for certain links is not requested when activated, such links could therefore result in arbitrary script execution. The execution of such links must be subject to user approval. Links can be activated by clicks, or by automatic document events. Several URI Schemes are defined for this purpose. (CVE-2022-38745) - Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. This may lead to run arbitrary Java code from the current directory. The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. (CVE-2022-40674) - Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. It is, therefore, affected by multiple vulnerabilities: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. Description The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.14. Synopsis The remote Windows host has an application installed that is affected by multiple vulnerabilities.
0 Comments
Leave a Reply. |