Page 8 of 64 results (0.028 seconds)

CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0

Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. Vulnerabilidad uso después de liberación en oowriter en OpenOffice.org (OOo) v2.x y v3.x antes de v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de la manipulación de etiquetas en un documento RTF. • http://osvdb.org/70713 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-416: Use After Free •

CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write. La función WW8ListManager::WW8ListManager en oowriter en OpenOffice.org v2.x (OOo) y v3.x anterior a v3.3 no controla correctamente un número no especificado de niveles de lista en la lista de estilos para el usuario en datos WW8 en un documento de Microsoft Word, que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un archivo DOC manipulado que desencadena una escritura fuera de rango. • http://osvdb.org/70714 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document. Desbordamiento de buffer basado en memoria dinámica en Impress en OpenOffice.org (OOo) 2.x y 3.x en versiones anteriores a 3.3 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un archivo Truevision TGA (TARGA) manipulado en un documento ODF o Microsoft Office. • http://osvdb.org/70718 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 http://www.openoffice.org • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. Múltiples errores de superación de límite (off-by-one) en la función WW8DopTypography::ReadFromMem en oowriter en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código de su elección a través de información tipográfica manipulada en un fichero manipulado de Microsoft Word (.DOC) que provoca una lectura fuera de rango. . • http://osvdb.org/70715 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-193: Off-by-one Error •

CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0

Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. Múltiples vulnerabilidades de salto de directorio en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3, permite a atacantes remotos añadir y ejecutar comandos de su elección a través de .. (punto punto) en el parámetro "site" a (1) index.php y (2) admin.php. • http://osvdb.org/70711 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 http://www.openoffice.org • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •