CVSS: 9.3EPSS: 21%CPEs: 7EXPL: 0CVE-2009-2950 – openoffice.org: GIF file parsing heap overflow
https://notcve.org/view.php?id=CVE-2009-2950
16 Feb 2010 — Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. Desbordamiento de búfer basado en pila en la función GIFLZWDecompressor::GIFLZWDecompressor en filter.vcl/lgif/decode.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una dene... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 42%CPEs: 7EXPL: 0CVE-2009-3301 – OpenOffice.org Word sprmTDefTable Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3301
16 Feb 2010 — Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document. Desbordamiento de enteros en filter/ww8/ww8par2.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una denegación de servicio (caída aplicación) o probablemente ejecutar código de su elección a través de una tabla modificadora ... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.3EPSS: 42%CPEs: 7EXPL: 0CVE-2009-3302 – OpenOffice.org Word sprmTSetBrc Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3302
16 Feb 2010 — filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw." filter/ww8/ww8par2.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una denegación de servicio (caída de aplicacion) o probablemente ejecutar código de su elección a través de una tabla modificadora de propiedade... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 6%CPEs: 9EXPL: 0CVE-2010-0136
https://notcve.org/view.php?id=CVE-2010-0136
16 Feb 2010 — OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document. OpenOffice.org (OOo) V2.0.4, V2.4.1, y v3.1.1 no refuerza adecuadamente la configuración de la macro de seguridad de Visual Basic para Aplicaciones (VBA), lo que permite a atacantes remotos correr macros de su elección a través de un documento manipulado. • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3282 – openoffice.org: numeric truncation error in memory allocator (64bit)
https://notcve.org/view.php?id=CVE-2008-3282
29 Aug 2008 — Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152. Desbordamiento de entero en la función rtl_allocateMemory en sal/rtl/sourcealloc_global.c en el localizador de memoria de OpenOffice... • http://secunia.com/advisories/31640 • CWE-681: Incorrect Conversion between Numeric Types •