CVSS: 9.8EPSS: 9%CPEs: 3EXPL: 0CVE-2014-3524 – Ubuntu Security Notice USN-2331-1
https://notcve.org/view.php?id=CVE-2014-3524
22 Aug 2014 — Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. Apache OpenOffice anterior a 4.1.1 permite a atacantes remotos ejecutar comandos arbitrarios y posiblemente tener otro impacto no especificado a través de una hoja de cálculo Calc manipulada. Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed for command injection when opening spreadsheets. If a user were tricked into opening ... • http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2013-4156
https://notcve.org/view.php?id=CVE-2013-4156
31 Jul 2013 — Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file. Apache OpenOffice.org (OOo) anterior a 4.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente tener otro impacto no especificado a través de un elemento modificado en un documento OOXML. • http://osvdb.org/95706 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2013-2189 – OpenOffice DOC Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2189
26 Jul 2013 — Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file. Apache OpenOffice.org (OOo) anterior a 4.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de datos PLCF no válidos en un archivo DOC. Apache OpenOffice suffers from a vulnerability that is caused by operating on in... • http://osvdb.org/95704 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 7%CPEs: 15EXPL: 0CVE-2012-2665 – libreoffice: Multiple heap-based buffer overflows in the XML manifest encryption handling code
https://notcve.org/view.php?id=CVE-2012-2665
06 Aug 2012 — Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four. Múltiples desbordamientos de bufer basado en en la funcionalidad de cifrado de manifi... • http://rhn.redhat.com/errata/RHSA-2012-1135.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 6%CPEs: 5EXPL: 2CVE-2012-2149 – libwpd: Memory overwrite flaw by processing certain WordPerfect (WPD) documents
https://notcve.org/view.php?id=CVE-2012-2149
21 Jun 2012 — The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow. La función WPXContentListener::_closeTableRow en WPXContentListener.cpp en libwpd v0.8.8, tal y como es usado por OpenOffice.org (OOo) antes de v3.4, permite a atacantes remotos e... • http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 2%CPEs: 14EXPL: 0CVE-2012-1149 – libreoffice: Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations
https://notcve.org/view.php?id=CVE-2012-1149
21 Jun 2012 — Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow. Un desbordamiento de entero en el módulo de vclmi.dll en OpenOffice.org (OOo) v3.3, v3.4 Beta, y posiblemente en versiones anteriores, y Libr... • http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 11%CPEs: 13EXPL: 2CVE-2012-2334 – libreoffice: Integer overflow leading to buffer overflow by processing invalid Escher graphics records length in the Powerpoint documents
https://notcve.org/view.php?id=CVE-2012-2334
19 Jun 2012 — Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow. Desbordamiento de entero en filter/source/msfilter/msdffimp.cxx en OpenOffice.org (OOo) v3.3, v3.4 Beta, y posiblemente anteriores, y LibreOffice antes de v3... • http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 1CVE-2012-0037 – raptor: XML External Entity (XXE) attack via RDF files
https://notcve.org/view.php?id=CVE-2012-0037
17 Jun 2012 — Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. Redland Raptor (también conocido como libraptor) anterior a v2.0.7, utilizado por OpenOffice v3.3 y v3.4 Beta, LibreOffice anterior a v3.4.6 y v3.5.x anterior a v3.5.1, y otros productos, permite a atacantes re... • http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0CVE-2010-3450 – OpenOffice.org: directory traversal flaws in handling of XSLT jar filter descriptions and OXT extension files
https://notcve.org/view.php?id=CVE-2010-3450
28 Jan 2011 — Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. Múltiples vulnerabilidades de salto de directorio en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3, permite a atacantes remotos añadir y ejecutar comandos de su elección a través de .. (punto punto) en el par... • http://osvdb.org/70711 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 8%CPEs: 7EXPL: 0CVE-2010-3451 – OpenOffice.org: Array index error by insecure parsing of broken rtf tables
https://notcve.org/view.php?id=CVE-2010-3451
28 Jan 2011 — Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. Vulnerabilidad uso después de liberación en oowriter en OpenOffice.org (OOo) v2.x y v3.x antereiores a v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de tablas con formato incorrec... • http://osvdb.org/70712 • CWE-416: Use After Free •