CVE-2004-0179

Published: 1 June 2004

Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.

Priority

Status

Package	Release	Status
openoffice.org-l10n Launchpad, Ubuntu, Debian	dapper	Released (2.0.2-2ubuntu5)
	edgy	Released (2.0.2-2ubuntu5)
	feisty	Released (2.0.2-2ubuntu5)
	upstream	Needs triage
	gutsy	Released (2.0.2-2ubuntu5)
openoffice.org Launchpad, Ubuntu, Debian	dapper	Released (2.0.2-2ubuntu12.4)
	edgy	Released (2.0.4-0ubuntu6)
	feisty	Released (2.2.0-1ubuntu4)
	upstream	Needs triage
neon Launchpad, Ubuntu, Debian	dapper	Released (0.25.5.dfsg-5)
	edgy	Released (0.25.5.dfsg-5)
	feisty	Released (0.25.5.dfsg-5)
	upstream	Needs triage
	gutsy	Released (0.25.5.dfsg-5)
neon24 Launchpad, Ubuntu, Debian	dapper	Released (0.24.7.dfsg-3ubuntu1)
	edgy	Released (0.24.7.dfsg-3ubuntu1)
	feisty	Does not exist
	upstream	Needs triage
	gutsy	Does not exist
neon26 Launchpad, Ubuntu, Debian	dapper	Does not exist
	edgy	Does not exist
	feisty	Released (0.26.3-1)
	upstream	Needs triage
	gutsy	Released (0.26.3-1)
tla Launchpad, Ubuntu, Debian	dapper	Released (1.3.3-3ubuntu1)
	edgy	Released (1.3.3-3ubuntu1)
	feisty	Released (1.3.3-3ubuntu1)
	upstream	Needs triage
	gutsy	Released (1.3.3-3ubuntu1)
bazaar Launchpad, Ubuntu, Debian	dapper	Released (1.4.2-2ubuntu2)
	edgy	Released (1.4.2-2ubuntu2)
	feisty	Released (1.4.2-2ubuntu2)
	upstream	Needs triage
	gutsy	Released (1.4.2-2ubuntu2)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›