LibreOffice, OpenOffice Security Vulnerabilities

[SECURITY] Fedora 20 Update: testdisk-7.0-2.fc20

Tool to check and undelete partition. Works with FAT12, FAT16, FAT32, NTFS, ext2, ext3, ext4, btrfs, BeFS, CramFS, HFS, JFS, Linux Raid, Linux Swap, LVM, LVM2, NSS, ReiserFS, UFS, XFS. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG,...

FreeBSD : Vulnerability in HWP document filter (b13af778-f4fc-11e4-a95d-ac9e174be3af)

US-CERT/NIST reports : The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds...

LibreOffice memory corruption

Memory corruption on HWP documents...

Apache OpenOffice Multiple Vulnerabilities (May 2015) - Windows

Apache OpenOffice is prone to multiple...

[SECURITY] Fedora 22 Update: testdisk-7.0-2.fc22

Tool to check and undelete partition. Works with FAT12, FAT16, FAT32, NTFS, ext2, ext3, ext4, btrfs, BeFS, CramFS, HFS, JFS, Linux Raid, Linux Swap, LVM, LVM2, NSS, ReiserFS, UFS, XFS. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG,...

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds...

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds...

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds...

Out-of-bounds

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds...

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds...

KLA10569 Vulnerability in OpenOffice

Vulnerability in OpenOffice’s HWP filter was found in Apache OpenOffice 4.1.1 and older. By exploiting this vulnerability malicious users can cause denial of service (crash) or possibly execute arbitrary code. This vulnerability can be exploited via a crafted HWP document. Original advisories...

Vulnerability in HWP document filter

US-CERT/NIST reports: The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an...

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. Bugs ...

Apache OpenOffice Multiple Vulnerabilities (Apr 2015) - Windows

Apache OpenOffice is prone to multiple...

CentOS 7 : libabw / libcmis / libetonyek / libfreehand / liblangtag / libmwaw / libodfgen / etc (CESA-2015:0377)

Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which....

autocorr, libabw, libcmis, libetonyek, libfreehand, liblangtag, libmwaw, libodfgen, libreoffice, mdds security update

CentOS Errata and Security Advisory CESA-2015:0377 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces...

Oracle Linux 7 : libreoffice (ELSA-2015-0377)

From Red Hat Security Advisory 2015:0377 : Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common...

(RHSA-2015:0377) Moderate: libreoffice security, bug fix, and enhancement update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

RHEL 7 : libreoffice (RHSA-2015:0377)

Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which....

Bugzilla Vulnerability Exposes Bug Collections

Hundreds of open source software projects that make use of Bugzilla, Mozilla’s bug-tracking software, anxiously await a patch for a vulnerability that exposes private bugs collected by the system. Mozilla is today expected to make available a patch for the vulnerability in its account creation...

GLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201408-19 (OpenOffice, LibreOffice: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact : A...

OpenOffice, LibreOffice: Multiple vulnerabilities

Background OpenOffice is the open source version of StarOffice, a full office productivity suite. LibreOffice is a fork of OpenOffice. Description Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact A...

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE...

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE...

Design/Logic Flaw

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE...

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE...

Apache OpenOffice < 4.1.1 Multiple Vulnerabilities

The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.1. It is, therefore, affected by the following vulnerabilities : An unspecified flaw allows remote attackers to execute arbitrary commands via a specially crafted Calc spreadsheet. (CVE-2014-3524) A...

CVE-2014-3524

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc...

CVE-2014-3524

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc...

Design/Logic Flaw

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc...

CVE-2014-3524

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc...

CVE-2014-3524

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. Bugs https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1380711 Notes Author| Note ---|--- mdeslaur | issue was in...

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects. Bugs https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1380711 Notes Author| Note ---|--- seth-arnold |...

Apache OpenOffice security vulnerabilities

Code execution, information...

CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3575 OpenOffice Targeted Data Exposure Using Crafted OLE Objects Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions are also affected....

CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3524 OpenOffice Calc Command Injection Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions may also be affected....

openoffice -- information disclosure vulnerability

Apache reports: The exposure exploits the way OLE previews are generated to embed arbitrary file data into a specially crafted document when it is opened. Data exposure is possible if the updated document is distributed to other...

OpenOffice 3.1 - '.slk' File NULL Pointer Dereference Remote Denial of Service Vulnerability

No description provided by...

OpenOffice 1.0.1 - Remote Access Denial of Service Vulnerability

No description provided by...

OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow

No description provided by...

OpenOffice 3.1 - '.csv' File Remote Denial of Service Vulnerability

No description provided by...

JCE Joomla Extension <= 2.0.10 - Multiple Vulnerabilities

No description provided by...

OpenOffice 2.2 Writer Component Remote Denial of Service Vulnerability

No description provided by...

Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS

No description provided by...

OpenOffice ".slk" File Parsing Null Pointer Vulnerability

No description provided by...

openSUSE Security Update : calligra (openSUSE-SU-2012:1061-1)

Fix buffer overflow in MS Word ODF filter among other non-security related bugs. Also a version update to 2.4.3 happened : Words : Always show vertical scroll bar to avoid race condition (kde#301076) Do not save with an attribue that makes LibreOffice and OpenOffice crash (kde#298689...

[GoLismero v2.0] Merge results of security tools (OpenVas, Wfuzz, SQLMap, DNS recon, robot analyzer...)

GoLismero is an Open Source security tools that can run their own security tests and manage a lot of well known security tools (OpenVas, Wfuzz, SQLMap, DNS recon, robot analyzer...) take their results, feedback to the rest of tools and merge all of results. And all of this automatically. Changelog....

Collection Of Free Computer Forensic Tools

Disk tools and data capture Name | From | Description ---|---|--- DumpIt | MoonSols | Generates physical memory dump of Windows machines, 32 bits 64 bit. Can run from a USB flash drive. EnCase Forensic Imager | Guidance Software | Create EnCase evidence files and EnCase logical evidence files...

Apache OpenOffice < 4.0 Multiple Memory Corruption Vulnerabilities

The version of Apache OpenOffice installed on the remote host is prior to 4.0. It is, therefore, affected by memory corruption vulnerabilities related to the handling of PLCF (Plex of Character Positions in File) data and unknown XML elements in OOXML files. This can lead to application crashes...

Memory corruption

Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document...