CVSS: 9.3EPSS: 9%CPEs: 2EXPL: 0CVE-2010-2935 – OpenOffice.Org: Integer truncation error by parsing specially-crafted Microsoft PowerPoint document
https://notcve.org/view.php?id=CVE-2010-2935
25 Aug 2010 — simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error." simpress.bin en el módulo Impress en OpenOffice.org (OOo) v3.2.1 sobre Windows, no maneja adecuadamente los valor... • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 8%CPEs: 2EXPL: 0CVE-2010-2936 – OpenOffice.org: Heap-based buffer overflow by parsing specially-crafted Microsoft PowerPoint document
https://notcve.org/view.php?id=CVE-2010-2936
25 Aug 2010 — Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow. Desbordamiento de entero en simpress.bin en el módulo Impress en OpenOffice.org (OOo) v3.2.1 sobre Windows, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente, la... • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3570
https://notcve.org/view.php?id=CVE-2009-3570
06 Oct 2009 — Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en OpenOffice.org (OOo) tiene impacto y vectores de ataque remotos no especificados, según lo demostrad... • http://intevydis.com/vd-list.shtml •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3571
https://notcve.org/view.php?id=CVE-2009-3571
06 Oct 2009 — Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact and client-side attack vector, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en OpenOffice.org (OOo) tiene un impacto desconocido y vector de ataque del ... • http://intevydis.com/vd-list.shtml • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 10%CPEs: 59EXPL: 0CVE-2009-0200 – OpenOffice.org Word document Integer Underflow
https://notcve.org/view.php?id=CVE-2009-0200
02 Sep 2009 — Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. Desbordamiento de entero en en OpenOffice.org (OOo)anteriores v3.1.1 permite a atacantes remotos ejecutar código de su elección a través de registros manipulados en la tabla de documentos de un documento Word, desencadenando un desbordamiento basado en pila. Mul... • http://development.openoffice.org/releases/3.1.1.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 13%CPEs: 17EXPL: 0CVE-2009-0201 – OpenOffice.org Word document buffer overflow
https://notcve.org/view.php?id=CVE-2009-0201
02 Sep 2009 — Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing." Desbordamiento de búfer basado en memoria dinámica en OpenOffice.org (OOo) en versiones anteriores a la 3.1.1 puede permitir atacantes remotos ejecutar código de su elección mediante registros no especificados en un documento de Word manipulado, en relación con "table parsing... • http://development.openoffice.org/releases/3.1.1.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 4EXPL: 2CVE-2009-0259 – Microsoft Windows Wordpad - '.doc' File Local Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2009-0259
22 Jan 2009 — The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841. El procesador de textos en OpenOffice.org v1.1.2 a v1.1.5 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente e... • https://www.exploit-db.com/exploits/6560 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2008-4937
https://notcve.org/view.php?id=CVE-2008-4937
05 Nov 2008 — senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file. senddoc de OpenOffice.org (OOo) v2.4.1, permite a usuarios locales sobrescribir ficheros de su elección a través de una ataque de enlace simbólico sobre un fichero temporal /tmp/log.obr.#####. • http://bugs.debian.org/496361 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.3EPSS: 11%CPEs: 13EXPL: 0CVE-2008-2237 – OpenOffice.org WMF integer overflow
https://notcve.org/view.php?id=CVE-2008-2237
30 Oct 2008 — Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document. Desbordamiento de búfer basado en montículo en OpenOffice.org (OOo) v2.x anterior a v2.4.2 permite a atacantes remotos ejecutar código de su elección mediante un archivo WMF manipulado asociado con un documento StarOffice/StarSuite. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 11%CPEs: 13EXPL: 0CVE-2008-2238 – OpenOffice.org multiple EMF buffer overflows
https://notcve.org/view.php?id=CVE-2008-2238
30 Oct 2008 — Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow. Desbordamiento de búfer basado en montículo en OpenOffice.org (OOo) v2.x anterior a v2.4.2 permite a atacantes remotos ejecutar código de su elección mediante un archivo EMF manipulado con un documento StarOffice/StarSuite. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=750 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •