Page 5 of 30 results (0.008 seconds)

CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0

CVE-2007-0239

https://notcve.org/view.php?id=CVE-2007-0239

OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. OpenOffice.org (OOo) Office Suite permite a atacantes con la intervención del usuario ejecutar comandos de su elección mediante la inserción de metacaracteres de shell en un enlace preparado dentro de un documento manipulado. • http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html http://secunia.com/advisories/24465 http://secunia.com/advisories/24550 http://secunia.com/advisories/24588 http://secunia.com/advisories/24613 http://secunia.com/advisories/24646 http://secunia.com/advisories/24647 http://secunia.com/advisories/24676 http://secunia.com/advisories/24810 http://secunia.com/advisories/24906 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102807-1 http://www. •

CVSS: 9.3EPSS: 11%CPEs: 4EXPL: 0

CVE-2006-5870

https://notcve.org/view.php?id=CVE-2006-5870

Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records. Múltiples desbordamientos de enteros en OpenOffice.org (OOo) 2.0.4 y anteriores, y posiblemente otras versiones anteriores a 2.1.0;y StarOffice 6 hasta 8; permiten a un atacante remoto con la intervención del usuario ejecutar código de su elección mediante (1) ficheros WMF o (b) EMF manipulados que disparan un desbordamiento de búfer basado en montículo en (1) wmf/winwmf.cxx, durante el procesamiento de registros META_ESCAPE; y wmf/enhwmf.cxx durante el procesamiento de (2) registros EMR_POLYPOLYGON y (3) EMR_POLYPOLYGON16. • ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly http://fedoranews.org/cms/node/2344 http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html http://osvdb.org/32610 http://osvdb.org/32611 http://secunia.com/advisories/23549 http://secunia.com/advisories/23600 http://secunia.com/advisories/23612 http://secunia.com/advisories/23616 http://secunia.com/advisories/23620 • CWE-189: Numeric Errors •

CVSS: 4.3EPSS: 4%CPEs: 1EXPL: 3

CVE-2006-6628 – Microsoft Word Document - Malformed Pointer (PoC)

https://notcve.org/view.php?id=CVE-2006-6628

Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted DOC file, as demonstrated by the 12122006-djtest.doc file, a variant of CVE-2006-6561 in a separate codebase. Desbordamiento de enteros en el penOffice.org (OOo) 2.1 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída de la aplicación) mediante un fichero DOC manipulado, como lo demostrado con el fichero 12122006-djtest.doc. Es una variante de la CVE-2006-6561 en un campo separado del codebase. • https://www.exploit-db.com/exploits/2922 http://securityreason.com/securityalert/2043 http://www.milw0rm.com/sploits/12122006-djtest.doc http://www.securityfocus.com/archive/1/454514/100/0/threaded http://www.securityfocus.com/archive/1/454545/100/0/threaded http://www.securityfocus.com/archive/1/454722/100/0/threaded http://www.securityfocus.com/archive/1/454737/100/0/threaded http://www.securityfocus.com/bid/21618 http://www.vupen.com/english/advisories/2006/5051 •

CVSS: 7.6EPSS: 1%CPEs: 12EXPL: 0

CVE-2006-3117

https://notcve.org/view.php?id=CVE-2006-3117

Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." • http://fedoranews.org/cms/node/2343 http://secunia.com/advisories/20867 http://secunia.com/advisories/20893 http://secunia.com/advisories/20910 http://secunia.com/advisories/20911 http://secunia.com/advisories/20913 http://secunia.com/advisories/20975 http://secunia.com/advisories/20995 http://secunia.com/advisories/21278 http://secunia.com/advisories/22129 http://secunia.com/advisories/23620 http://security.gentoo.org/glsa/glsa-200607-12.xml http://securitytracker.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 1%CPEs: 24EXPL: 0

CVE-2006-2198

https://notcve.org/view.php?id=CVE-2006-2198

OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. OpenOffice.org (también conocido como StarOffice) v1.1.x a v1.1.5 y v2.0.x anteriores a v2.0.3 permite a los atacantes de usuarios asistidos conducir actividades no autorizadas a través de un documento OpenOffice con una macro BASIC maliciosa, lo que es ejecutad sin confirmación al usuario. • http://fedoranews.org/cms/node/2343 http://secunia.com/advisories/20867 http://secunia.com/advisories/20893 http://secunia.com/advisories/20910 http://secunia.com/advisories/20911 http://secunia.com/advisories/20913 http://secunia.com/advisories/20975 http://secunia.com/advisories/20995 http://secunia.com/advisories/21278 http://secunia.com/advisories/22129 http://secunia.com/advisories/23620 http://security.gentoo.org/glsa/glsa-200607-12.xml http://securitytracker.com • CWE-264: Permissions, Privileges, and Access Controls •