CVSS: 8.8EPSS: 6%CPEs: 5EXPL: 2CVE-2012-2149 – libwpd: Memory overwrite flaw by processing certain WordPerfect (WPD) documents
https://notcve.org/view.php?id=CVE-2012-2149
21 Jun 2012 — The WPXContentListener::_closeTableRow function in WPXContentListener.cpp in libwpd 0.8.8, as used by OpenOffice.org (OOo) before 3.4, allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used. NOTE: some sources report this issue as an integer overflow. La función WPXContentListener::_closeTableRow en WPXContentListener.cpp en libwpd v0.8.8, tal y como es usado por OpenOffice.org (OOo) antes de v3.4, permite a atacantes remotos e... • http://archives.neohapsis.com/archives/bugtraq/2012-05/0090.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 9%CPEs: 2EXPL: 0CVE-2010-2935 – OpenOffice.Org: Integer truncation error by parsing specially-crafted Microsoft PowerPoint document
https://notcve.org/view.php?id=CVE-2010-2935
25 Aug 2010 — simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error." simpress.bin en el módulo Impress en OpenOffice.org (OOo) v3.2.1 sobre Windows, no maneja adecuadamente los valor... • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 8%CPEs: 2EXPL: 0CVE-2010-2936 – OpenOffice.org: Heap-based buffer overflow by parsing specially-crafted Microsoft PowerPoint document
https://notcve.org/view.php?id=CVE-2010-2936
25 Aug 2010 — Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow. Desbordamiento de entero en simpress.bin en el módulo Impress en OpenOffice.org (OOo) v3.2.1 sobre Windows, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente, la... • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 10%CPEs: 59EXPL: 0CVE-2009-0200 – OpenOffice.org Word document Integer Underflow
https://notcve.org/view.php?id=CVE-2009-0200
02 Sep 2009 — Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. Desbordamiento de entero en en OpenOffice.org (OOo)anteriores v3.1.1 permite a atacantes remotos ejecutar código de su elección a través de registros manipulados en la tabla de documentos de un documento Word, desencadenando un desbordamiento basado en pila. Mul... • http://development.openoffice.org/releases/3.1.1.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •