LibreOffice, OpenOffice Security Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: libraptor - XXE in RDF/XML File Interpretation Release Date:...
AI Score
0.004EPSS
Timothy D. Morgan reports : In December 2011, VSR identified a vulnerability in multiple open source office products (including OpenOffice, LibreOffice, KOffice, and AbiWord) due to unsafe interpretation of XML files with custom entity declarations. Deeper analysis revealed that the vulnerability.....
6.5CVSS
-0.4AI Score
0.004EPSS
raptor/raptor2 -- XXE in RDF/XML File Interpretation
Timothy D. Morgan reports: In December 2011, VSR identified a vulnerability in multiple open source office products (including OpenOffice, LibreOffice, KOffice, and AbiWord) due to unsafe interpretation of XML files with custom entity declarations. Deeper analysis revealed...
6.5CVSS
6.5AI Score
0.004EPSS
Bugtraq ID: 52681 CVE ID:CVE-2012-0037 OpenOffice是一款开放源代码的文字处理系统 OpenOffice.org存在一个XML外部实体攻击,处理ODF文档中某些XML组件中的外部实体时存在漏洞,通过构建外部实体引用其他本地文件系统资源,攻击者可以无需用户交互把本地内容注入到ODF文档中,导致信息泄露 0 OpenOffice 3.4 Beta OpenOffice 3.3 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息:...
-0.3AI Score
0.004EPSS
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF...
6.5CVSS
1.8AI Score
0.004EPSS
Oracle Outside In Library OOXML Overflow
Added: 02/03/2012 CVE: CVE-2012-0110 BID: 51452 OSVDB: 78411 Background Oracle Outside In is a a suite of software development kits that allows developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem Outside In...
0.4AI Score
0.157EPSS
Oracle Outside In Library OOXML Overflow
Added: 02/03/2012 CVE: CVE-2012-0110 BID: 51452 OSVDB: 78411 Background Oracle Outside In is a a suite of software development kits that allows developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem Outside In...
0.4AI Score
0.157EPSS
Oracle Outside In Library OOXML Overflow
Added: 02/03/2012 CVE: CVE-2012-0110 BID: 51452 OSVDB: 78411 Background Oracle Outside In is a a suite of software development kits that allows developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem Outside In...
0.4AI Score
0.157EPSS
Oracle Outside In Library OOXML Overflow
Added: 02/03/2012 CVE: CVE-2012-0110 BID: 51452 OSVDB: 78411 Background Oracle Outside In is a a suite of software development kits that allows developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem Outside In...
0.4AI Score
0.157EPSS
Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS
Exploit Title: Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS Google Dork: "inurl:"sites/all/modules/ckeditor" -drupalcode.org" Google Results: Approximately 379.000 results Date: 18th January 2012 Author: MaXe @InterN0T (Found in a private Hatforce.com Penetration Test) Software Link:.....
AI Score
7.4AI Score
Drupal Module CKEditor 3.0 3.6.2 - Persistent EventHandler Cross-Site Scripting
Drupal Module CKEditor 3.0 3.6.2 - Persistent EventHandler Cross-Site...
-0.2AI Score
Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS
Exploit for php platform in category web...
7.1AI Score
-0.1AI Score
-0.2AI Score
OpenOffice Microsoft Word文件格式输入程序多个安全漏洞
BUGTRAQ ID: 49969 CVE ID: CVE-2011-2713 OpenOffice原是Sun公司的一套商业级Office软件-StarOffice,经过Sun公司公开程序码之后,正式命名为OpenOffice发展计划。 OpenOffice.org的二进制.doc文件格式输入程序在实现上存在多个漏洞,目前技术细节不明。 Debian Linux 6.0 x OpenOffice OpenOffice < 3.2.1 厂商补丁: OpenOffice 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
0.4AI Score
0.041EPSS
iDefense reports : Remote exploitation of multiple integer overflow vulnerabilities within OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code. These vulnerabilities exist within the TIFF parsing code of the OpenOffice suite. When.....
0.7AI Score
0.926EPSS
OpenOffice multiple security vulnerabilities
Multiple memmory corruptions on .doc files...
2.3AI Score
0.041EPSS
JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities
#################### www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 (Image Manager 1.5.7.13, Media Manager 1.5.6.3, Template Manager 1.5.5, File...
0.2AI Score
7.1AI Score
0.2AI Score
Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities
Joomla! Component joomlacontenteditor 2.0.10 - Multiple...
0.4AI Score
JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities
Exploit for php platform in category web...
7.1AI Score
7.4AI Score
2.5AI Score
OpenOffice Detection (Windows SMB Login)
Detects the installed version of OpenOffice. The script logs in via smb, searches for OpenOffice in the registry and gets the version...
7.3AI Score
OpenOffice.org 'soffice' Directory Traversal Vulnerability (Windows)
The host has OpenOffice installed and is prone to directory traversal...
AI Score
0.0004EPSS
OpenOffice.org 'soffice' Directory Traversal Vulnerability - Windows
OpenOffice is prone to directory traversal...
6.5AI Score
0.0004EPSS
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office...
7.1AI Score
0.019EPSS
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF...
7AI Score
0.018EPSS
The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service...
7AI Score
0.013EPSS
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF...
7AI Score
0.024EPSS
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP...
6.5AI Score
0.006EPSS
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT).....
7.1AI Score
0.013EPSS
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working...
6.2AI Score
0.0004EPSS
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC....
7AI Score
0.013EPSS
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP...
7.4AI Score
0.006EPSS
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office...
8.7AI Score
0.019EPSS
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working...
6.7AI Score
0.0004EPSS
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF...
8.4AI Score
0.024EPSS
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT).....
8.7AI Score
0.013EPSS
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF...
8.4AI Score
0.018EPSS
The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service...
8.3AI Score
0.013EPSS
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC....
8.3AI Score
0.013EPSS
Oracle OpenOffice.org < 3.3 Multiple Vulnerabilities
The version of Oracle OpenOffice.org installed on the remote host is prior to 3.3. It is, therefore, affected by several issues : Issues exist relating to PowerPoint document processing that may lead to arbitrary code execution. (CVE-2010-2935, CVE-2010-2936) A directory traversal...
-0.1AI Score
0.149EPSS
OpenOffice < 3.3 Multiple Vulnerabilities
Versions of OpenOffice earlier than 3.3 are potentially affected by several issues : Issues exist relating to PowerPoint document parsing that may lead to arbitrary code execution. (CVE-2010-2935, CVE-2010-2936) A directory traversal vulnerability exists in zip / jar package extraction....
1.8AI Score
0.149EPSS
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath...
7.8AI Score
0.004EPSS
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath...
7.6AI Score
0.004EPSS
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via.....
5.6AI Score
0.002EPSS
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via.....
5.8AI Score
0.002EPSS