Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Open Office

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
OpenOffice.org
And, this specific program:
OpenOffice.org 3.x

This thread has been marked as locked.
joetheyank Open Office
Member 23rd Aug, 2010 00:10
Ranking: 0
Posts: 5
User Since: 26th Nov, 2009
System Score: N/A
Location: N/A
Last edited on 23rd Aug, 2010 00:11

Secunia continually advises that Open Office needs to be updated and is a category 3 threat. When I download the most recent version of OO, it tells me that the most recent version is already installed. In an excess of caution I have deleted and reinatalled OO, but secunia refuses to recognize that this version is the most recent, again listing OO as a category 3 threat and pointing me to to update site for a solution.

This user no longer exists RE: Open Office
Member 23rd Aug, 2010 09:29
Hi,

Is there an entry for OpenOffice in both your Insecure and Patched tabs? If so, the PSI is detecting a leftover of an older version, which you need to either ignore (http://secunia.com/vulnerability_scanning/personal...), or remove.

Otherwise, could you please tell me which version of OpenOffice is being shown?
Was this reply relevant?
+0
-0
Jax-1 RE: Open Office
Member 23rd Aug, 2010 12:41
Score: 0
Posts: 2
User Since: 22nd Aug 2010
System Score: N/A
Location: N/A
Hi Emil

I'm having the same problem with Open Office.

OpenOffice. org 3.2.0
OOO320m12 (Build:9483)

Don't know if this is the latest version as I got it of this months NZ PC World Magazine
Was this reply relevant?
+0
-0
This user no longer exists RE: Open Office
Member 23rd Aug, 2010 13:04
Hi,

The latest secure version of Open Office 3.x is 3.2.9498.500.
You can download this version from here:
http://download.services.openoffice.org/files/stab...

hope this helps.
Was this reply relevant?
+0
-0
skia7 RE: Open Office
Member 23rd Aug, 2010 13:32
Score: 0
Posts: 18
User Since: 2nd Sep 2009
System Score: N/A
Location: NL
Last edited on 23rd Aug, 2010 13:35
hi i have oo also and find it a great programme.
I dloaded only the attachments i wished as i write and have no use for the other templates etc.
the updates i dload direct from OO as second vendors are best left out when the supplier is right there.
my OO is a cat 3 with secure patches.
Have you scanned the OO programme for malicious software?
Was this reply relevant?
+0
-0
joetheyank RE: Open Office
Member 24th Aug, 2010 03:35
Score: 0
Posts: 5
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
I will check on your suggestion. The security threat lists only Version 3.x.

FYI: I am running version 3.2.1 OOO320.18 (Build: 9502) which Open Office says is the most recent.
Was this reply relevant?
+0
-0
joetheyank RE: Open Office
Member 24th Aug, 2010 03:38
Score: 0
Posts: 5
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
It appears on the insecure tab with a request that I update. It appears on the patched tab, indicating that no further action is necessary. Incidentally, there is an Open Office portable 2.x app that appears on the patched tab. Might this be causing the problem?
Was this reply relevant?
+0
-0
This user no longer exists RE: Open Office
Member 24th Aug, 2010 09:49
Hi,

When an application is present on both the Insecure and Patched tabs, this means that while you have actually installed all the updates, there is an older, insecure version left behind. To see where this old version is located, navigate to the Insecure Entry, click the "+" button, and paste the field "Installation Field" here.
Was this reply relevant?
+0
-0
joetheyank RE: Open Office
Member 24th Aug, 2010 14:45
Score: 0
Posts: 5
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
For some reason, I can't copy the path; however, what I see is that it points to a "potable app, which runs off of a thumb drive that I use. I suppose I would have to delete it to avoid the false positive. An update (if one exists) likely would result in the same warning.
Was this reply relevant?
+0
-0
Anthony Wells RE: Open Office
Expert Contributor 24th Aug, 2010 15:59
Score: 2445
Posts: 3,336
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 24th Aug, 2010 16:15
@joeytheyank ,

Just to be clear ; the latest full and secure version of OOo in in the programme's "about" is 3.2.1. OOO320m18 (Build:9502)and this version shows as 3.2.9498.500 in the PSI "patched tab .

You say 3.x is showing in the "insecure" tab of the PSI ; as requested by Emil , what is the version and the exact installation path for this version and in which language is it written ??

All language versions are displayed here :-

http://download.openoffice.org/other.html#tested-f...

Concerning the portable version 2.x in the "patched" tab , again , what is the version and the exact installation path ??

An out of date piece of such sofware on a thumb drive is a bad idea if you want to avoid malware .

Hope this helps.

Anthony

PS : for copy and paste try Ctrl + C then Ctrl +V

EDIT :

PPS : did you make your own portable version and if so , using which software ??
Or are you using this :-

http://portableapps.com/apps/office/openoffice_por...

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
joetheyank RE: Open Office
Member 29th Aug, 2010 19:06
Score: 0
Posts: 5
User Since: 26th Nov 2009
System Score: N/A
Location: N/A
Thanks for all the help. I removed the portable apps (including Open Office and the problem was resolved. Incidentally, the portable apps were loaded as part of a SanDisk Cruzer Micro flash drive that I own.
Was this reply relevant?
+0
-0
Anthony Wells RE: Open Office
Expert Contributor 29th Aug, 2010 19:25
Score: 2445
Posts: 3,336
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi Joe ,

Thank you for the update ; portable apps. are the coming thing along with the clouds .

However , if you websearch , you will see a lot of disquiet concerning USB vulnerabilities : eg :-

http://www.itpro.co.uk/625312/usb-malware-threaten...

Recent research data implicate them in a large number of contaminations , especially if they get passed around . Having said that , it means you need to be extra careful in setting up and connecting your drives and not using unpatched software .

Here is a list of "freeware" portable apps. from Gizmo' website which might interest you ; they give "unbiased" reviews of their experience with software :-

http://www.techsupportalert.com/best-free-portable...

Take care

Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer