CVSS: 9.3EPSS: 39%CPEs: 7EXPL: 0CVE-2009-3302 – OpenOffice.org Word sprmTSetBrc Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3302
filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw." filter/ww8/ww8par2.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una denegación de servicio (caída de aplicacion) o probablemente ejecutar código de su elección a través de una tabla modificadora de propiedades sprmTDefTable manipulada en un documento Word, relacionado con "defecto de error de limite" (boundary error flaw). • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html http://secunia.com/advisories/38567 http://secunia.com/advisories/38568 http://secunia.com/advisories/38695 http://secunia.com/advisories/38921 http://secunia.com/advisories/41818 http://secunia.com/advisories/60799 http://securitytracker.com/id?1023591 http://www.debian.org/security/2010/dsa-1995 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name& • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 16%CPEs: 7EXPL: 0CVE-2009-2949 – openoffice.org: integer overflow in XPM processing
https://notcve.org/view.php?id=CVE-2009-2949
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow. Desbordamiento de enteros en la función XPMReader::ReadXPM en filter.vcl/ixpm/svt_xpmread.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos ejecutar código de su elección a través de un fichero XPM manipulado que provoca un desbordamiento de buffer basado en pila. • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html http://secunia.com/advisories/38567 http://secunia.com/advisories/38568 http://secunia.com/advisories/38695 http://secunia.com/advisories/38921 http://secunia.com/advisories/41818 http://secunia.com/advisories/60799 http://securitytracker.com/id?1023591 http://www.debian.org/security/2010/dsa-1995 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name& • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 8%CPEs: 7EXPL: 0CVE-2009-2950 – openoffice.org: GIF file parsing heap overflow
https://notcve.org/view.php?id=CVE-2009-2950
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. Desbordamiento de búfer basado en pila en la función GIFLZWDecompressor::GIFLZWDecompressor en filter.vcl/lgif/decode.cxx en OpenOffice.org (OOo) anterior v3.2 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o probablemente ejecutar código de su elección a través de un fichero GIF manipulado, relacionado con la d escompresión LZW. • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html http://secunia.com/advisories/38567 http://secunia.com/advisories/38568 http://secunia.com/advisories/38695 http://secunia.com/advisories/38921 http://secunia.com/advisories/41818 http://secunia.com/advisories/60799 http://securitytracker.com/id?1023591 http://www.debian.org/security/2010/dsa-1995 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name& • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 21%CPEs: 59EXPL: 0CVE-2009-0200 – OpenOffice.org Word document Integer Underflow
https://notcve.org/view.php?id=CVE-2009-0200
Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. Desbordamiento de entero en en OpenOffice.org (OOo)anteriores v3.1.1 permite a atacantes remotos ejecutar código de su elección a través de registros manipulados en la tabla de documentos de un documento Word, desencadenando un desbordamiento basado en pila. • http://development.openoffice.org/releases/3.1.1.html http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://secunia.com/advisories/35036 http://secunia.com/advisories/36750 http://secunia.com/advisories/60799 http://secunia.com/secunia_research/2009-26 http://sunsolve.sun.com/search/document.do?assetkey=1-26-263508-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020715.1-1 http://www.debian.org/security/2009/dsa-1880 http://www. • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 6.8EPSS: 17%CPEs: 1EXPL: 0CVE-2007-5745 – openoffice.org: Quattro Pro files handling heap overflows in Attribute and Font records
https://notcve.org/view.php?id=CVE-2007-5745
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records. Múltiples desbordamientos de búfer en la región heap de la memoria en OpenOffice.org versiones anteriores a 2.4, permiten a los atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de un archivo Quattro Pro (QPRO) con (1) Atributo y (2) registros de Descripción de Fuente diseñados. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=691 http://secunia.com/advisories/29852 http://secunia.com/advisories/29864 http://secunia.com/advisories/29871 http://secunia.com/advisories/29910 http://secunia.com/advisories/29913 http://secunia.com/advisories/29987 http://secunia.com/advisories/30100 http://secunia.com/advisories/30179 http://security.gentoo.org/glsa/glsa-200805-16.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-231601-1 http& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •