CVSS: 7.8EPSS: 4%CPEs: 12EXPL: 0CVE-2006-3117
https://notcve.org/view.php?id=CVE-2006-3117
30 Jun 2006 — Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." • http://fedoranews.org/cms/node/2343 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-4636
https://notcve.org/view.php?id=CVE-2005-4636
31 Dec 2005 — OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings. • http://qa.openoffice.org/issues/show_bug.cgi?id=53491 •
CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 0CVE-2005-0941
https://notcve.org/view.php?id=CVE-2005-0941
12 Apr 2005 — The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow. • http://secunia.com/advisories/17027 •