// For flags

CVE-2007-4575

OpenOffice.org-base allows Denial-of-Service and command injection

Severity Score

8.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."

HSQLDB versiones anteriores a 1.8.0.9, como es usado en OpenOffice.org (OOo) versiones 2 anteriores a 2.3.1, permite a los atacantes remotos asistidos por el usuario ejecutar código Java arbitrario por medio de documentos de base de datos diseñados relacionados con "exposing static java methods".

It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-08-28 CVE Reserved
  • 2007-12-06 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (38)
URL Tag Source
http://bugs.gentoo.org/show_bug.cgi?id=200771 X_refsource_misc
http://bugs.gentoo.org/show_bug.cgi?id=201799 X_refsource_misc
http://www.securitytracker.com/id?1019041 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/38882 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10153 Signature
URL Date SRC
URL Date SRC
http://secunia.com/advisories/27928 2017-09-29
http://www.openoffice.org/security/cves/CVE-2007-4575.html 2017-09-29
http://www.securityfocus.com/bid/26703 2017-09-29
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00005.html 2017-09-29
http://secunia.com/advisories/27914 2017-09-29
http://secunia.com/advisories/27916 2017-09-29
http://secunia.com/advisories/27931 2017-09-29
http://secunia.com/advisories/27972 2017-09-29
http://secunia.com/advisories/28018 2017-09-29
http://secunia.com/advisories/28039 2017-09-29
http://secunia.com/advisories/28286 2017-09-29
http://secunia.com/advisories/28585 2017-09-29
http://secunia.com/advisories/30100 2017-09-29
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103141-1 2017-09-29
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200637-1 2017-09-29
http://www.debian.org/security/2007/dsa-1419 2017-09-29
http://www.gentoo.org/security/en/glsa/glsa-200712-25.xml 2017-09-29
http://www.mandriva.com/security/advisories?name=MDVSA-2008:095 2017-09-29
http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00134.html 2017-09-29
http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00155.html 2017-09-29
http://www.redhat.com/archives/fedora-package-announce/2007-December/msg00281.html 2017-09-29
http://www.redhat.com/support/errata/RHSA-2007-1048.html 2017-09-29
http://www.redhat.com/support/errata/RHSA-2007-1090.html 2017-09-29
http://www.redhat.com/support/errata/RHSA-2008-0151.html 2017-09-29
http://www.redhat.com/support/errata/RHSA-2008-0158.html 2017-09-29
http://www.redhat.com/support/errata/RHSA-2008-0213.html 2017-09-29
http://www.ubuntu.com/usn/usn-609-1 2017-09-29
http://www.vupen.com/english/advisories/2007/4092 2017-09-29
http://www.vupen.com/english/advisories/2007/4146 2017-09-29
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00678.html 2017-09-29
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00753.html 2017-09-29
https://access.redhat.com/security/cve/CVE-2007-4575 2008-04-02
https://bugzilla.redhat.com/show_bug.cgi?id=299801 2008-04-02
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 <= 2.3
Search vendor "Openoffice" for product "Openoffice" and version " <= 2.3"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.0.1
Search vendor "Openoffice" for product "Openoffice" and version "2.0.1"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.0.2
Search vendor "Openoffice" for product "Openoffice" and version "2.0.2"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.0.3
Search vendor "Openoffice" for product "Openoffice" and version "2.0.3"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.0.3_1
Search vendor "Openoffice" for product "Openoffice" and version "2.0.3_1"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.0.4
Search vendor "Openoffice" for product "Openoffice" and version "2.0.4"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.0beta
Search vendor "Openoffice" for product "Openoffice" and version "2.0beta"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.1
Search vendor "Openoffice" for product "Openoffice" and version "2.1"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.2
Search vendor "Openoffice" for product "Openoffice" and version "2.2"
-
Affected
Openoffice
Search vendor "Openoffice"
 Openoffice
Search vendor "Openoffice" for product "Openoffice"
 2.2.1
Search vendor "Openoffice" for product "Openoffice" and version "2.2.1"
-
Affected