CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0CVE-2010-3451 – OpenOffice.org: Array index error by insecure parsing of broken rtf tables
https://notcve.org/view.php?id=CVE-2010-3451
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. Vulnerabilidad uso después de liberación en oowriter en OpenOffice.org (OOo) v2.x y v3.x antereiores a v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de tablas con formato incorrecto en un documento RTF. • http://osvdb.org/70712 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-416: Use After Free •
CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0CVE-2010-3452 – OpenOffice.org: Integer signedness error (crash) by processing certain RTF tags
https://notcve.org/view.php?id=CVE-2010-3452
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. Vulnerabilidad uso después de liberación en oowriter en OpenOffice.org (OOo) v2.x y v3.x antes de v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de la manipulación de etiquetas en un documento RTF. • http://osvdb.org/70713 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0CVE-2010-3453 – OpenOffice.org: Heap-based buffer overflow by processing *.doc files with WW8 list styles with specially-crafted count of list levels
https://notcve.org/view.php?id=CVE-2010-3453
The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write. La función WW8ListManager::WW8ListManager en oowriter en OpenOffice.org v2.x (OOo) y v3.x anterior a v3.3 no controla correctamente un número no especificado de niveles de lista en la lista de estilos para el usuario en datos WW8 en un documento de Microsoft Word, que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un archivo DOC manipulado que desencadena una escritura fuera de rango. • http://osvdb.org/70714 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0CVE-2010-3454 – OpenOffice.org: Array index error by scanning document typography information of certain *.doc files
https://notcve.org/view.php?id=CVE-2010-3454
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. Múltiples errores de superación de límite (off-by-one) en la función WW8DopTypography::ReadFromMem en oowriter en OpenOffice.org (OOo) v2.x y v3.x anteriores a v3.3 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código de su elección a través de información tipográfica manipulada en un fichero manipulado de Microsoft Word (.DOC) que provoca una lectura fuera de rango. . • http://osvdb.org/70715 http://secunia.com/advisories/40775 http://secunia.com/advisories/42999 http://secunia.com/advisories/43065 http://secunia.com/advisories/43105 http://secunia.com/advisories/43118 http://secunia.com/advisories/60799 http://ubuntu.com/usn/usn-1056-1 http://www.cs.brown.edu/people/drosenbe/research.html http://www.debian.org/security/2011/dsa-2151 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.mandriva.com/security& • CWE-193: Off-by-one Error •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 1CVE-2011-0480
https://notcve.org/view.php?id=CVE-2011-0480
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. Múltiples desbordamientos de búfer en el decodificador Vorbis en Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 permiten a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550 http://code.google.com/p/chromium/issues/detail?id=68115 http://codereview.chromium.org/5964011 http://codereview.chromium.org/6069005 http://ffmpeg.mplayerhq.hu http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=13184036a6b1b1d4b61c91118c0896e9ad4634c3 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70463 http://roundup.ffmpeg. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •