CVSS: 9.3EPSS: 21%CPEs: 7EXPL: 0CVE-2009-2950 – openoffice.org: GIF file parsing heap overflow
https://notcve.org/view.php?id=CVE-2009-2950
16 Feb 2010 — Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. Desbordamiento de búfer basado en pila en la función GIFLZWDecompressor::GIFLZWDecompressor en filter.vcl/lgif/decode.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una dene... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 42%CPEs: 7EXPL: 0CVE-2009-3301 – OpenOffice.org Word sprmTDefTable Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3301
16 Feb 2010 — Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document. Desbordamiento de enteros en filter/ww8/ww8par2.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una denegación de servicio (caída aplicación) o probablemente ejecutar código de su elección a través de una tabla modificadora ... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.3EPSS: 42%CPEs: 7EXPL: 0CVE-2009-3302 – OpenOffice.org Word sprmTSetBrc Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3302
16 Feb 2010 — filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw." filter/ww8/ww8par2.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una denegación de servicio (caída de aplicacion) o probablemente ejecutar código de su elección a través de una tabla modificadora de propiedade... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 10%CPEs: 59EXPL: 0CVE-2009-0200 – OpenOffice.org Word document Integer Underflow
https://notcve.org/view.php?id=CVE-2009-0200
02 Sep 2009 — Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. Desbordamiento de entero en en OpenOffice.org (OOo)anteriores v3.1.1 permite a atacantes remotos ejecutar código de su elección a través de registros manipulados en la tabla de documentos de un documento Word, desencadenando un desbordamiento basado en pila. Mul... • http://development.openoffice.org/releases/3.1.1.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 13%CPEs: 17EXPL: 0CVE-2009-0201 – OpenOffice.org Word document buffer overflow
https://notcve.org/view.php?id=CVE-2009-0201
02 Sep 2009 — Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing." Desbordamiento de búfer basado en memoria dinámica en OpenOffice.org (OOo) en versiones anteriores a la 3.1.1 puede permitir atacantes remotos ejecutar código de su elección mediante registros no especificados en un documento de Word manipulado, en relación con "table parsing... • http://development.openoffice.org/releases/3.1.1.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 4EXPL: 2CVE-2009-0259 – Microsoft Windows Wordpad - '.doc' File Local Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2009-0259
22 Jan 2009 — The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841. El procesador de textos en OpenOffice.org v1.1.2 a v1.1.5 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente e... • https://www.exploit-db.com/exploits/6560 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 8%CPEs: 1EXPL: 0CVE-2007-5745 – openoffice.org: Quattro Pro files handling heap overflows in Attribute and Font records
https://notcve.org/view.php?id=CVE-2007-5745
17 Apr 2008 — Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records. Múltiples desbordamientos de búfer en la región heap de la memoria en OpenOffice.org versiones anteriores a 2.4, permiten a los atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de un archivo Qua... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 5%CPEs: 10EXPL: 0CVE-2007-4575 – OpenOffice.org-base allows Denial-of-Service and command injection
https://notcve.org/view.php?id=CVE-2007-4575
06 Dec 2007 — HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods." HSQLDB versiones anteriores a 1.8.0.9, como es usado en OpenOffice.org (OOo) versiones 2 anteriores a 2.3.1, permite a los atacantes remotos asistidos por el usuario ejecutar código Java arbitrario por medio de documentos de base de datos diseñados relacionados con "exposing static java methods". • http://bugs.gentoo.org/show_bug.cgi?id=200771 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 10%CPEs: 10EXPL: 0CVE-2007-2834 – openoffice.org TIFF parsing heap overflow
https://notcve.org/view.php?id=CVE-2007-2834
18 Sep 2007 — Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow. Desbordamiento de enteros en el analizador TIFF en OpenOffice.org (OOo) anterior a la versión 2.3; y Office Suit (StarSuite) de Sun StarOffice versiones 6, 7 y 8 ; ... • http://bugs.gentoo.org/show_bug.cgi?id=192818 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 0CVE-2007-0245 – openoffice.org rtf filter buffer overflow
https://notcve.org/view.php?id=CVE-2007-0245
12 Jun 2007 — Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. Un desbordamiento de búfer en la región heap de la memoria en OpenOffice.org (OOo) versión 2.2.1 y anteriores permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo RTF con una etiqueta prtdata creada con una incoherencia de parámetro le... • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •