30 results (0.049 seconds)

CVSS: 9.3EPSS: 14%CPEs: 2EXPL: 0

Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow. Desbordamiento de entero en simpress.bin en el módulo Impress en OpenOffice.org (OOo) v3.2.1 sobre Windows, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente, la ejecución de código de su elección a través de polígonos modificados en un documento PowerPoint que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://secunia.com/advisories/40775 http://secunia.com/advisories/41052 http://secunia.com/advisories/41235 http://secunia.com/advisories/42927 http://secunia.com/advisories/43105 http://secunia.com/advisories/60799 http://securityevaluators.com/files/papers/CrashAnalysis.pdf http://ubuntu.com/usn/usn-1056-1 http://www.debian.org/secu • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 12%CPEs: 2EXPL: 0

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error." simpress.bin en el módulo Impress en OpenOffice.org (OOo) v3.2.1 sobre Windows, no maneja adecuadamente los valores enteros asociados a las propiedades de los elementos del diccionario, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código de su elección a través de polígonos modificados en un documento PowerPoint que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://secunia.com/advisories/40775 http://secunia.com/advisories/41052 http://secunia.com/advisories/41235 http://secunia.com/advisories/42927 http://secunia.com/advisories/43105 http://secunia.com/advisories/60799 http://securityevaluators.com/files/papers/CrashAnalysis.pdf http://ubuntu.com/usn/usn-1056-1 http://www.debian.org/secu • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en OpenOffice.org (OOo) tiene impacto y vectores de ataque remotos no especificados, según lo demostrado por cierto módulo en VulnDisco Pack Professional 8.9. NOTA: a partir de 20091005 , esta divulgación no tiene información práctica. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/35036 http://www.securityfocus.com/bid/36285 http://www.securitytracker.com/id?1022828 •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact and client-side attack vector, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en OpenOffice.org (OOo) tiene un impacto desconocido y vector de ataque del lado del cliente, según lo demostrado por cierto módulo en VulnDisco Pack Professional 8.8, también conocido como "Client-side exploit." NOTA: a partir de 20091005, esta divulgación no tiene información práctica. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/35036 http://www.securityfocus.com/bid/36285 http://www.securitytracker.com/id?1022832 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 33%CPEs: 17EXPL: 0

Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing." Desbordamiento de búfer basado en memoria dinámica en OpenOffice.org (OOo) en versiones anteriores a la 3.1.1 puede permitir atacantes remotos ejecutar código de su elección mediante registros no especificados en un documento de Word manipulado, en relación con "table parsing." • http://development.openoffice.org/releases/3.1.1.html http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://secunia.com/advisories/35036 http://secunia.com/advisories/36750 http://secunia.com/advisories/60799 http://secunia.com/secunia_research/2009-27 http://sunsolve.sun.com/search/document.do?assetkey=1-26-263508-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020715.1-1 http://www.debian.org/security/2009/dsa-1880 http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •