CVE-2007-4251
https://notcve.org/view.php?id=CVE-2007-4251
OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service. OpenOffice.org (OOo) 2.2 no maneja adecuadamente ficheros con múltiples extensiones, lo cual permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio. • http://osvdb.org/46766 http://securityreason.com/securityalert/3004 http://www.securityfocus.com/archive/1/475534/100/0/threaded http://www.securitytracker.com/id?1018544 https://exchange.xforce.ibmcloud.com/vulnerabilities/35806 •
CVE-2007-0245 – openoffice.org rtf filter buffer overflow
https://notcve.org/view.php?id=CVE-2007-0245
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. Un desbordamiento de búfer en la región heap de la memoria en OpenOffice.org (OOo) versión 2.2.1 y anteriores permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo RTF con una etiqueta prtdata creada con una incoherencia de parámetro length, lo que causa que las entradas de vtable se sobrescriban. • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://osvdb.org/35378 http://secunia.com/advisories/25648 http://secunia.com/advisories/25650 http://secunia.com/advisories/25673 http://secunia.com/advisories/25705 http://secunia.com/advisories/25862 http://secunia.com/advisories/25894 http://secunia.com/advisories/25905 http://secunia.com/advisories/26010 http://secunia.com/advisories/26022 http://secunia.com/advisories/26476 http://sunsolve. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-5870
https://notcve.org/view.php?id=CVE-2006-5870
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records. Múltiples desbordamientos de enteros en OpenOffice.org (OOo) 2.0.4 y anteriores, y posiblemente otras versiones anteriores a 2.1.0;y StarOffice 6 hasta 8; permiten a un atacante remoto con la intervención del usuario ejecutar código de su elección mediante (1) ficheros WMF o (b) EMF manipulados que disparan un desbordamiento de búfer basado en montículo en (1) wmf/winwmf.cxx, durante el procesamiento de registros META_ESCAPE; y wmf/enhwmf.cxx durante el procesamiento de (2) registros EMR_POLYPOLYGON y (3) EMR_POLYPOLYGON16. • ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly http://fedoranews.org/cms/node/2344 http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html http://osvdb.org/32610 http://osvdb.org/32611 http://secunia.com/advisories/23549 http://secunia.com/advisories/23600 http://secunia.com/advisories/23612 http://secunia.com/advisories/23616 http://secunia.com/advisories/23620 • CWE-189: Numeric Errors •
CVE-2006-6628 – Microsoft Word Document - Malformed Pointer (PoC)
https://notcve.org/view.php?id=CVE-2006-6628
Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted DOC file, as demonstrated by the 12122006-djtest.doc file, a variant of CVE-2006-6561 in a separate codebase. Desbordamiento de enteros en el penOffice.org (OOo) 2.1 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída de la aplicación) mediante un fichero DOC manipulado, como lo demostrado con el fichero 12122006-djtest.doc. Es una variante de la CVE-2006-6561 en un campo separado del codebase. • https://www.exploit-db.com/exploits/2922 http://securityreason.com/securityalert/2043 http://www.milw0rm.com/sploits/12122006-djtest.doc http://www.securityfocus.com/archive/1/454514/100/0/threaded http://www.securityfocus.com/archive/1/454545/100/0/threaded http://www.securityfocus.com/archive/1/454722/100/0/threaded http://www.securityfocus.com/archive/1/454737/100/0/threaded http://www.securityfocus.com/bid/21618 http://www.vupen.com/english/advisories/2006/5051 •
CVE-2006-3117
https://notcve.org/view.php?id=CVE-2006-3117
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." • http://fedoranews.org/cms/node/2343 http://secunia.com/advisories/20867 http://secunia.com/advisories/20893 http://secunia.com/advisories/20910 http://secunia.com/advisories/20911 http://secunia.com/advisories/20913 http://secunia.com/advisories/20975 http://secunia.com/advisories/20995 http://secunia.com/advisories/21278 http://secunia.com/advisories/22129 http://secunia.com/advisories/23620 http://security.gentoo.org/glsa/glsa-200607-12.xml http://securitytracker.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •