Total
16 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-3117 | 2 Openoffice, Sun | 2 Openoffice, Staroffice | 2018-10-18 | 7.6 HIGH | N/A |
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." | |||||
CVE-2006-2198 | 2 Openoffice, Sun | 2 Openoffice, Staroffice | 2018-10-18 | 7.6 HIGH | N/A |
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. | |||||
CVE-2006-2199 | 2 Openoffice, Sun | 2 Openoffice, Staroffice | 2018-10-18 | 7.6 HIGH | N/A |
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. | |||||
CVE-2006-6628 | 1 Openoffice | 1 Openoffice | 2018-10-17 | 4.3 MEDIUM | N/A |
Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted DOC file, as demonstrated by the 12122006-djtest.doc file, a variant of CVE-2006-6561 in a separate codebase. | |||||
CVE-2006-5870 | 2 Openoffice, Sun | 2 Openoffice, Staroffice | 2018-10-17 | 9.3 HIGH | N/A |
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records. | |||||
CVE-2007-0245 | 1 Openoffice | 1 Openoffice | 2018-10-16 | 9.3 HIGH | N/A |
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. | |||||
CVE-2007-0238 | 1 Openoffice | 1 Openoffice | 2018-10-16 | 9.3 HIGH | N/A |
Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note. | |||||
CVE-2007-4251 | 1 Openoffice | 1 Openoffice | 2018-10-15 | 4.3 MEDIUM | N/A |
OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service. | |||||
CVE-2007-0239 | 1 Openoffice | 1 Openoffice | 2017-10-10 | 9.3 HIGH | N/A |
OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. | |||||
CVE-2005-0941 | 1 Openoffice | 1 Openoffice | 2017-10-10 | 5.1 MEDIUM | N/A |
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow. | |||||
CVE-2004-0752 | 1 Openoffice | 1 Openoffice | 2017-10-10 | 2.1 LOW | N/A |
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | |||||
CVE-2008-2366 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2017-09-28 | 4.4 MEDIUM | N/A |
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in the RPATH library path. | |||||
CVE-2007-4575 | 1 Openoffice | 1 Openoffice | 2017-09-28 | 9.3 HIGH | N/A |
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods." | |||||
CVE-2007-5745 | 1 Openoffice | 1 Openoffice | 2017-09-28 | 6.8 MEDIUM | N/A |
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records. | |||||
CVE-2005-4636 | 1 Openoffice | 1 Openoffice | 2009-11-11 | 4.6 MEDIUM | N/A |
OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings. | |||||
CVE-2002-2210 | 1 Openoffice | 1 Openoffice | 2008-09-05 | 6.2 MEDIUM | N/A |
The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. |