LibreOffice, OpenOffice Security Vulnerabilities

CVE-2009-3301

Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word...

CVE-2010-0136

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted...

OpenOffice < 3.2 Multiple Vulnerabilities

The version of OpenOffice installed on the remote host is earlier than 3.2. Such versions are potentially affected by several issues : Signatures may not be handled properly due to a vulnerability in the libxml2 library. (CVE-2006-4339) There is an HMAC truncation authentication bypass...

Mandriva Update for openoffice.org MDVSA-2010:035 (openoffice.org)

Check for the Version of...

Mandriva Update for openoffice.org MDVSA-2010:035 (openoffice.org)

Check for the Version of...

Sun OpenOffice.org < 3.2 Multiple Vulnerabilities

The version of Sun Microsystems OpenOffice.org installed on the remote host is prior to version 3.2. It is, therefore, affected by several issues : Signatures may not be handled properly due to a vulnerability in the libxml2 library. (CVE-2006-4339) There is an HMAC truncation...

OpenOffice - .slk Parsing Null Pointer

OpenOffice - .slk Parsing Null...

OpenOffice for Windows &quot;.slk&quot; File Parsing Null Pointer Vulnerability

Product: OpenOffice Tested Vulnerable Versions: 3.1.1 and 3.1.0 Vulnerability: Null Pointer Description: Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows. Opening a malformed ".slk" file with Openoffice, causes a crash on "soffice.bin" PoC:...

OpenOffice ".slk" File Parsing Null Pointer Vulnerability

Exploit for unknown platform in category dos /...

OpenOffice - &#039;.slk&#039; Parsing Null Pointer

...

OpenOffice 3.1 - &#039;.slk&#039; Null Pointer Dereference Remote Denial of Service

...

OpenOffice NULL pointer dereference

NULL pointer dereference on CSV and SLK files...

OpenOffice &quot;.slk&quot; File Parsing Null Pointer Vulnerability

No description provided by...

OpenOffice 3.1 - .slk Null Pointer Dereference Remote Denial of Service

OpenOffice 3.1 - .slk Null Pointer Dereference Remote Denial of...

Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability

Release Date: 2010-01-14 Product: OpenOffice Tested Vulnerable Versions: 3.1.1 and 3.1.0 Vulnerability: Null Pointer Description: Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows. Opening a malformed ".csv" file with Openoffice, causes a crash on "soffice.bin"...

OpenOffice 3.1 - &#039;.csv&#039; Remote Denial of Service

...

OpenOffice 3.1 - .csv Remote Denial of Service

OpenOffice 3.1 - .csv Remote Denial of...

OpenOffice TIFF File Parsing Integer Overflow (CVE-2007-2834)

OpenOffice.org is an open source office suite. The package includes a word processor, a spreadsheet application, a presentation creator, an illustration drawer, a desktop database, and an equation editor. The product is made available for multiple platforms and languages. An integer overflow...

OpenOffice.org Multiple Vulnerabilities - Oct09 (Windows)

The host has OpenOffice.org installed and is prone to multiple...

OpenOffice.org Multiple Vulnerabilities (Oct 2009) - Windows

OpenOffice.org is prone to multiple...

CVE-2009-3571

Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact and client-side attack vector, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco....

CVE-2009-3570

Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable.....

openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-6421)

Secunia reported an integer underflow (CVE-2009-0200) and a buffer overflow (CVE-2009-0201) that could be triggered while parsing Word...

OpenOffice OLE File Stream Buffer Overflow (CVE-2008-0320)

OpenOffice.org is an open source office suite. The suite includes a word processor, a spreadsheet application, a presentation creator, an illustration drawer, a desktop database, and an equation editor. The product is made available for multiple platforms and languages. A heap overflow...

OpenOffice EMF Files Multiple Buffer Overflow Vulnerabilities (Linux)

The host has OpenOffice installed and is prone to Multiple Buffer Overflow...

OpenOffice EMF Files Multiple Buffer Overflow Vulnerabilities - Windows

OpenOffice is prone to multiple buffer overflow...

OpenOffice EMF Files Multiple Buffer Overflow Vulnerabilities (Windows)

The host has OpenOffice installed and is prone to Multiple Buffer Overflow...

OpenOffice EMF File Parser Remote Command Execution Vulnerability (Windows)

The host has OpenOffice installed and is prone to Remote Command Execution...

OpenOffice EMF File Parser Remote Command Execution Vulnerability (Linux)

The host has OpenOffice installed and is prone to Remote Command Execution...

OpenOffice EMF File Parser Remote Command Execution Vulnerability - Windows

OpenOffice is prone to a remote command execution...

OpenOffice.org Word Documents Parsing Buffer Overflow Vulnerability - Windows

OpenOffice is prone to a buffer overflow...

OpenOffice.org Word Documents Parsing Buffer Overflow Vulnerability (Linux)

The host has OpenOffice installed and is prone to Buffer Overflow...

openSUSE Security Update : OpenOffice_org (OpenOffice_org-1187)

This update of OpenOffice.org fixes potential buffer overflow in EMF parser code (CVE-2009-2139, CVE-2009-2140) (Thanks to Petr Mladek). Additionally Secunia reported an integer underflow (CVE-2009-0200) and a buffer overflow (CVE-2009-0201) that could be triggered while parsing Word...

OpenOffice.org Word Documents Parsing Buffer Overflow Vulnerability (Windows)

The host has OpenOffice installed and is prone to Buffer Overflow...

openSUSE Security Update : OpenOffice_org-math (OpenOffice_org-math-1191)

Secunia reported an integer underflow (CVE-2009-0200) and a buffer overflow (CVE-2009-0201) that could be triggered while parsing Word...

[SECURITY] [DSA 1880-1] New OpenOffice.org packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Debian Security Advisory DSA 1880-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2009 http://www.debian.org/security/faq Package :...

OpenOffice multiple security vulnerabilities

Buffer overflow and integer overflow on Microsoft Word and EMF documents parsing, vulnerable version in included...

[SECURITY] [DSA 1880-1] New OpenOffice.org packages fix arbitrary code execution

Debian Security Advisory DSA 1880-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2009 http://www.debian.org/security/faq Package : openoffice.org Vulnerability : several Problem type ...

openoffice.org - arbitrary code execution

Several vulnerabilities have been discovered in the OpenOffice.org office suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0200 Dyon Balding of Secunia Research has discovered a vulnerability, which can be exploited by opening a specially...

CVE-2009-0200

Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer...

CVE-2009-0201

Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table...

OpenOffice Word文档表格解析整数溢出和堆溢出漏洞

BUGTRAQ ID: 36186 CVE(CAN) ID: CVE-2009-0200,CVE-2009-0201 OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。 OpenOffice在解析Word文档表格中的某些记录时存在堆溢出和整数下溢漏洞，用户受骗打开畸形的文档就可能触发这些溢出，导致执行任意指令。 OpenOffice &lt; 3.1.1 厂商补丁： OpenOffice 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

OpenOffice < 3.1.1 Multiple Buffer Overflows

The version of OpenOffice installed on the remote host is earlier than 3.1.1. Such versions are affected by several issues : Parsing certain records in a document table could lead to heap-based overflows and arbitrary code execution. (CVE-2009-0200) Parsing certain records in...

OpenOffice < 3.1.1 Multiple Vulnerabilities

The version of OpenOffice is earlier than 3.1.1. Such versions are potentially affected by several issues : A boundary error when parsing certain records can be exploited to cause a heap-based buffer overflow via a specially crafted document. (CVE-2009-0201) An integer underflow error when...

Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)

A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents (CVE-2007-4575). A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file.....

FreeBSD : openoffice -- document disclosure (c62dc69f-05c8-11d9-b45d-000c41e2cdad)

OpenOffice creates a working directory in /tmp on startup, and uses this directory to temporarily store document content. However, the permissions of the created directory may allow other user on the system to read these files, potentially exposing information the user likely assumed was...

Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:137)

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. (CVE-2008-2152) Also, according to bug #38874 decimal...

Mandriva Update for openoffice.org MDVSA-2008:137 (openoffice.org)

Check for the Version of...

Mandriva Update for libwpd MDKSA-2007:063 (libwpd)

Check for the Version of...

Mandriva Update for libwpd MDKSA-2007:063 (libwpd)

Check for the Version of...