CVE-2007-4575
openoffice.org
EPSS 6.3%
Description
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
How to fix CVE-2007-4575
To remediate CVE-2007-4575, upgrade the affected package to a fixed version below.
- Debian/hsqldb—upgrade to 1.8.0.9-1 or later
- Debian/hsqldb—upgrade to 1.8.0.7-1etch1 or later
- Debian/openoffice.org—upgrade to 2.0.4.dfsg.2-7etch4 or later
Is CVE-2007-4575 being exploited?
Moderate — EPSS is 6.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 1.8.0.9-1
- from 0, < 1.8.0.7-1etch1
- from 0, < 2.0.4.dfsg.2-7etch4