Bug 130131 - CAN-2004-0752 openoffice.org temporary file information leakage.
Summary: CAN-2004-0752 openoffice.org temporary file information leakage.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: openoffice.org
Version: 2
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Dan Williams
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-08-17 13:37 UTC by Josh Bressers
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-11-08 16:54:49 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Josh Bressers 2004-08-17 13:37:30 UTC 
Secunia Research has discovered a vulnerability in the OpenOffice
implementation on Fedora Core 1 and Fedora Core 2, which potentially can
be exploited by malicious, local users to gain knowledge of sensitive
information.

Default installs create temporary OpenOffice documents with insecure
permissions ("664" or "644" depending on the user's umask) in the "/tmp"
folder.

Example:
/tmp/svelj.tmp/svemm.tmp

(The temporary folders and files are always named "sv???.tmp").

Successful exploitation allows an unprivileged user to read arbitrary
users' currently open documents.
Comment 3 Josh Bressers 2004-08-17 14:41:32 UTC 
It looks like FC1 isn't affected by this issue.
Comment 4 Josh Bressers 2004-08-18 16:36:16 UTC 
This issue will be CAN-2004-0752
Comment 5 Mark J. Cox 2004-08-23 08:26:47 UTC 
Embargo moved to Sep 8th 1300BST
Comment 6 Mark J. Cox 2004-09-12 11:04:13 UTC 
This issue is now public
http://marc.theaimsgroup.com/?l=bugtraq&m=109483308421566
Comment 7 Dan Williams 2004-09-24 15:54:31 UTC 
Josh, test with 1.1.2-5 in rawhide.  I may be able to do this early
next week.
Comment 8 Dan Williams 2004-11-08 16:54:49 UTC 
Fixed in updated 1.1.2-10.fc2 in fc2-updates
Note You need to log in before you can comment on or make changes to this bug.