LibreOffice, OpenOffice Security Vulnerabilities

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...

CVE-2008-2366

Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use.....

Design/Logic Flaw

Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use.....

RHEL 3 / 4 : openoffice.org (RHSA-2008:0538)

Updated openoffice.org packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...

RHEL 4 / 5 : openoffice.org (RHSA-2008:0537)

Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that...

CentOS 3 / 4 : openoffice.org (CESA-2008:0538)

Updated openoffice.org packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...

openoffice.org security update

CentOS Errata and Security Advisory CESA-2008:0538 OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Sean Larsson found a heap overflow flaw in the OpenOffice memory...

OpenOffice rtl_allocateMemory()函数堆溢出漏洞

BUGTRAQ ID: 29622 CVE(CAN) ID: CVE-2008-2152 OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。 OpenOffice的rtl_allocateMemory()函数没有执行整数溢出检查便以8字节为边界环绕分配请求，以下是sal/rtl/source/alloc_global.c中的漏洞代码： 191 void * 192 SAL_CALL rtl_allocateMemory (sal_Size n) 193 { 194 void * p = 0; ...

(RHSA-2008:0537) Important: openoffice.org security update

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by.....

(RHSA-2008:0538) Important: openoffice.org security update

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by.....

CVE-2008-2152

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer...

iDefense Security Advisory 06.10.08: Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability

iDefense Security Advisory 06.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 10, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. For more information, see the vendor's site found at the following URL....

OpenOffice integer overflow

Buffer overflow in rtl_allocateMemory() on different file formats...

OpenOffice < 2.4.1 rtl_allocateMemory() Function Crafted Document Handling Integer Overflow

The version of OpenOffice installed on the remote host reportedly contains an integer overflow vulnerability in 'rtl_allocateMemory()', a custom memory allocation function used by the application. If an attacker can trick a user on the affected system, he can leverage this issue to execute...

Fedora 7 : openoffice.org-2.3.0-6.8.fc7 (2008-4104)

Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files....

GLSA-200805-16 : OpenOffice.org: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200805-16 (OpenOffice.org: Multiple vulnerabilities) iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple heap-based buffer overflows when parsing the 'Attribute' and 'Font' Description records of Quattro...

OpenOffice.org: Multiple vulnerabilities

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple...

Ubuntu 6.06 LTS / 7.04 / 7.10 : hsqldb, openoffice.org/-amd64 vulnerabilities (USN-609-1)

It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. (CVE-2007-4575) Multiple memory overflow flaws were...

Fedora 8 : openoffice.org-2.3.0-6.14.fc8 (2008-3251)

Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files....

RHEL 3 / 4 : openoffice.org (RHSA-2008:0176)

Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...

RHEL 4 / 5 : openoffice.org (RHSA-2008:0175)

Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...

CentOS 4 / 5 : openoffice.org / openoffice.org2 (CESA-2008:0175)

Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...

CentOS 3 / 4 : openoffice.org (CESA-2008:0176)

Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...

openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-5053)

This update of OpenOffice fixes various critical security vulnerabilities heap-overflow when parsing PPT files (CVE-2008-0320) various buffer-overflows while parsing QPRO files (CVE-2007-5745, CVE-2007-5747) out-of-bound memory access and a heap-overflow in the regex engine of libICU...

OpenOffice multiple security vulnerabilities

multiple buffer overflows and integer overflows on QPRO (Quattro Pro), EMF and Microsoft Office files...

iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability

iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Windows Enhanced Metafile...

iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability

iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. Object Linking and Embedding (OLE) is a proprietary binary file format developed by....

iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities

iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Quattro Pro (QPRO). This format....

iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability

iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Quattro Pro (QPRO). This format....

OpenOffice多个缓冲区溢出漏洞

BUGTRAQ ID: 28819 CVE(CAN) ID: CVE-2007-5745,CVE-2007-5747,CVE-2007-5746,CVE-2008-0320 OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。 OpenOffice在解析文件中的Attribute和Font...

local privilege escalation in OpenOffice_org

This update of OpenOffice fixes various critical security vulnerabilities - heap-overflow when parsing PPT files (CVE-2008-0320) - various buffer-overflows while parsing QPRO files (CVE-2007-5745, CVE-2007-5747) (NLD9 not affected) - integer overflow while parsing EMF files (CVE-2007-5746) -...

Debian DSA-1547-1 : openoffice.org - several vulnerabilities

Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2007-5745, CVE-2007-5747 Several bugs have been discovered in the way OpenOffice.org parses Quattro...

CVE-2007-5745

Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description...

CVE-2008-0320

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation...

CVE-2007-5746

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer...

Heap overflow

Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description...

OpenOffice < 2.4 Multiple Vulnerabilities

The version of OpenOffice installed on the remote host is reportedly affected by several issues : Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms (CVE-2007-4770/4771). Heap overflow and arbitrary code execution vulnerabilities involving Quattro...

Sun OpenOffice.org < 2.4 Multiple Vulnerabilities

The version of Sun Microsystems OpenOffice.org installed on the remote host is affected by several issues : Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms (CVE-2007-4770/4771). Heap overflow and arbitrary code execution ...

OpenOffice array index overflow

Array index overflow on large number of document...

FireGPG PGP Key Issuer Name HTML Injection Vulnerability

FireGPG is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the website that the application is triggered from,...

OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability

Bugtraq ID: 26703 CVE: CVE-2007-4575 OpenOffice is prone to a code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary Java code in the context of the vulnerable application. Versions prior to OpenOffice 2.3.1 are vulnerable. Sun StarSuite 8 Sun StarOffice...

GLSA-200712-25 : OpenOffice.org: User-assisted arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-200712-25 (OpenOffice.org: User-assisted arbitrary code execution) The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Impact : A remote attacker could entice a user to open...

OpenOffice.org: User-assisted arbitrary code execution

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to.....

SuSE 10 Security Update : OpenOffice (ZYPP Patch Number 4320)

This update of OpenOffice_org fixes a bug in TIFF parsing code that leads to a heap overflow. (CVE-2007-2834) This bug can be exploited with user assistance to execute arbitrary...

OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents

Affects: OpenOffice 2.3.0 and 2.2.0 and possibly older versions I. Background OpenOffice is a opensource suite containing several programs to handle Office documents like text documents or spreadsheets. The latest version uses an XML based document format (ODF). OpenOffice allows documents to...

OpenOffice HSQLDB数据库引擎Java代码执行漏洞

BUGTRAQ ID: 26703 CVE(CAN) ID: CVE-2007-4575 OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。 OpenOffice的数据库引擎HSQLDB实现上存在漏洞，远程攻击者可能利用此漏洞执行任意Java代码。 OpenOffice所捆绑的默认数据库引擎HSQLDB在解析SQL查询时没有正确地强制安全限制，如果用户受骗打开了恶意数据库文档中并执行了其中所包含的特制SQL查询的话，就可能导致调用任意静态的Java方式。 OpenOffice &lt; 2.3.1 厂商补丁： Debian...

OpenOffice certificate information spoofing

It's possible to spoof information about certificate used for...