CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2013-4156
https://notcve.org/view.php?id=CVE-2013-4156
31 Jul 2013 — Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file. Apache OpenOffice.org (OOo) anterior a 4.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente tener otro impacto no especificado a través de un elemento modificado en un documento OOXML. • http://osvdb.org/95706 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2013-2189 – OpenOffice DOC Memory Corruption
https://notcve.org/view.php?id=CVE-2013-2189
26 Jul 2013 — Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file. Apache OpenOffice.org (OOo) anterior a 4.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de datos PLCF no válidos en un archivo DOC. Apache OpenOffice suffers from a vulnerability that is caused by operating on in... • http://osvdb.org/95704 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 7%CPEs: 15EXPL: 0CVE-2012-2665 – libreoffice: Multiple heap-based buffer overflows in the XML manifest encryption handling code
https://notcve.org/view.php?id=CVE-2012-2665
06 Aug 2012 — Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four. Múltiples desbordamientos de bufer basado en en la funcionalidad de cifrado de manifi... • http://rhn.redhat.com/errata/RHSA-2012-1135.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 1CVE-2012-0037 – raptor: XML External Entity (XXE) attack via RDF files
https://notcve.org/view.php?id=CVE-2012-0037
17 Jun 2012 — Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. Redland Raptor (también conocido como libraptor) anterior a v2.0.7, utilizado por OpenOffice v3.3 y v3.4 Beta, LibreOffice anterior a v3.4.6 y v3.5.x anterior a v3.5.1, y otros productos, permite a atacantes re... • http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0CVE-2010-3450 – OpenOffice.org: directory traversal flaws in handling of XSLT jar filter descriptions and OXT extension files
https://notcve.org/view.php?id=CVE-2010-3450
28 Jan 2011 — Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. Múltiples vulnerabilidades de salto de directorio en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3, permite a atacantes remotos añadir y ejecutar comandos de su elección a través de .. (punto punto) en el par... • http://osvdb.org/70711 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 8%CPEs: 7EXPL: 0CVE-2010-3451 – OpenOffice.org: Array index error by insecure parsing of broken rtf tables
https://notcve.org/view.php?id=CVE-2010-3451
28 Jan 2011 — Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. Vulnerabilidad uso después de liberación en oowriter en OpenOffice.org (OOo) v2.x y v3.x antereiores a v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de tablas con formato incorrec... • http://osvdb.org/70712 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 8%CPEs: 7EXPL: 0CVE-2010-3452 – OpenOffice.org: Integer signedness error (crash) by processing certain RTF tags
https://notcve.org/view.php?id=CVE-2010-3452
28 Jan 2011 — Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. Vulnerabilidad uso después de liberación en oowriter en OpenOffice.org (OOo) v2.x y v3.x antes de v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de la manipulación de etiquetas en un d... • http://osvdb.org/70713 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 6%CPEs: 7EXPL: 0CVE-2010-3453 – OpenOffice.org: Heap-based buffer overflow by processing *.doc files with WW8 list styles with specially-crafted count of list levels
https://notcve.org/view.php?id=CVE-2010-3453
28 Jan 2011 — The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write. La función WW8ListManager::WW8ListManager en oowriter en OpenOffice.org v2.x (OOo) y v3.x anterior a ... • http://osvdb.org/70714 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 6%CPEs: 7EXPL: 0CVE-2010-3454 – OpenOffice.org: Array index error by scanning document typography information of certain *.doc files
https://notcve.org/view.php?id=CVE-2010-3454
28 Jan 2011 — Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. Múltiples errores de superación de límite (off-by-one) en la función WW8DopTypography::ReadFromMem en oowriter en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3 permi... • http://osvdb.org/70715 • CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2010-3689 – OpenOffice.org: soffice insecure LD_LIBRARY_PATH setting
https://notcve.org/view.php?id=CVE-2010-3689
28 Jan 2011 — soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. soffice en OpenOffice.org (OOo) v3.x anteriores a v3.3 pone un nombre de directorio de longitud cero en el LD_LIBRARY_PATH, que permite a usuarios locales conseguir privilegios a través de un caballo de Troya en una biblioteca compartida en el directorio de trabajo actual. Multiple vulnerabil... • http://osvdb.org/70716 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •