Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Openoffice Subscribe
Filtered by product Openoffice.org
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2936 2 Microsoft, Openoffice 2 Windows, Openoffice.org 2023-02-12 9.3 HIGH N/A
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
CVE-2009-0201 1 Openoffice 1 Openoffice.org 2018-10-11 9.3 HIGH N/A
Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing."
CVE-2009-0200 1 Openoffice 1 Openoffice.org 2018-10-11 9.3 HIGH N/A
Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.
CVE-2009-0259 1 Openoffice 1 Openoffice.org 2017-09-28 9.3 HIGH N/A
The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.
CVE-2008-2237 1 Openoffice 1 Openoffice.org 2017-09-28 9.3 HIGH N/A
Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.
CVE-2008-2238 1 Openoffice 1 Openoffice.org 2017-09-28 9.3 HIGH N/A
Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.
CVE-2008-3282 1 Openoffice 1 Openoffice.org 2017-09-28 9.3 HIGH N/A
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
CVE-2008-2152 1 Openoffice 1 Openoffice.org 2017-09-28 9.3 HIGH N/A
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
CVE-2008-0320 1 Openoffice 1 Openoffice.org 2017-09-28 9.3 HIGH N/A
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
CVE-2007-5746 1 Openoffice 1 Openoffice.org 2017-09-28 6.8 MEDIUM N/A
Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
CVE-2010-2935 2 Microsoft, Openoffice 2 Windows, Openoffice.org 2017-09-18 9.3 HIGH N/A
simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."
CVE-2008-4937 1 Openoffice 1 Openoffice.org 2017-08-07 2.6 LOW N/A
senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file.
CVE-2009-3570 1 Openoffice 1 Openoffice.org 2015-11-24 10.0 HIGH N/A
Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-3571 1 Openoffice 1 Openoffice.org 2015-11-24 9.3 HIGH N/A
Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact and client-side attack vector, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2008-3437 1 Openoffice 1 Openoffice.org 2008-09-05 7.5 HIGH N/A
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.