OpenOffice OLE importer DocumentSummaryInformation buffer overflow
Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...
-0.4AI Score
0.924EPSS
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...
-0.4AI Score
0.924EPSS
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...
-0.4AI Score
0.924EPSS
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding (OLE) framework. Problem A buffer overflow vulnerability in the OLE importer...
-0.4AI Score
0.924EPSS
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use.....
6.1AI Score
0.0004EPSS
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use.....
6.5AI Score
0.0004EPSS
RHEL 3 / 4 : openoffice.org (RHSA-2008:0538)
Updated openoffice.org packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...
0.7AI Score
0.087EPSS
RHEL 4 / 5 : openoffice.org (RHSA-2008:0537)
Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that...
0.5AI Score
0.087EPSS
CentOS 3 / 4 : openoffice.org (CESA-2008:0538)
Updated openoffice.org packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...
0.6AI Score
0.087EPSS
openoffice.org security update
CentOS Errata and Security Advisory CESA-2008:0538 OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Sean Larsson found a heap overflow flaw in the OpenOffice memory...
7.1AI Score
0.087EPSS
OpenOffice rtl_allocateMemory()函数堆溢出漏洞
BUGTRAQ ID: 29622 CVE(CAN) ID: CVE-2008-2152 OpenOffice是个整合性的软件,包含了许多文字处理、表格、公式等办公工具。 OpenOffice的rtl_allocateMemory()函数没有执行整数溢出检查便以8字节为边界环绕分配请求,以下是sal/rtl/source/alloc_global.c中的漏洞代码: 191 void * 192 SAL_CALL rtl_allocateMemory (sal_Size n) 193 { 194 void * p = 0; ...
1.1AI Score
0.087EPSS
(RHSA-2008:0537) Important: openoffice.org security update
OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by.....
3AI Score
0.087EPSS
(RHSA-2008:0538) Important: openoffice.org security update
OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by.....
2.1AI Score
0.087EPSS
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer...
7.9AI Score
0.087EPSS
iDefense Security Advisory 06.10.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 10, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. For more information, see the vendor's site found at the following URL....
0.2AI Score
0.087EPSS
Buffer overflow in rtl_allocateMemory() on different file formats...
4.4AI Score
0.087EPSS
OpenOffice < 2.4.1 rtl_allocateMemory() Function Crafted Document Handling Integer Overflow
The version of OpenOffice installed on the remote host reportedly contains an integer overflow vulnerability in 'rtl_allocateMemory()', a custom memory allocation function used by the application. If an attacker can trick a user on the affected system, he can leverage this issue to execute...
0.7AI Score
0.087EPSS
Fedora 7 : openoffice.org-2.3.0-6.8.fc7 (2008-4104)
Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files....
AI Score
0.924EPSS
GLSA-200805-16 : OpenOffice.org: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200805-16 (OpenOffice.org: Multiple vulnerabilities) iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple heap-based buffer overflows when parsing the 'Attribute' and 'Font' Description records of Quattro...
0.5AI Score
0.924EPSS
OpenOffice.org: Multiple vulnerabilities
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple...
10AI Score
0.924EPSS
Ubuntu 6.06 LTS / 7.04 / 7.10 : hsqldb, openoffice.org/-amd64 vulnerabilities (USN-609-1)
It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. (CVE-2007-4575) Multiple memory overflow flaws were...
0.6AI Score
0.924EPSS
Fedora 8 : openoffice.org-2.3.0-6.14.fc8 (2008-3251)
Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files....
AI Score
0.924EPSS
RHEL 3 / 4 : openoffice.org (RHSA-2008:0176)
Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...
0.3AI Score
0.924EPSS
RHEL 4 / 5 : openoffice.org (RHSA-2008:0175)
Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...
0.5AI Score
0.924EPSS
CentOS 4 / 5 : openoffice.org / openoffice.org2 (CESA-2008:0175)
Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...
7.6AI Score
0.924EPSS
CentOS 3 / 4 : openoffice.org (CESA-2008:0176)
Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity...
7.5AI Score
0.924EPSS
openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-5053)
This update of OpenOffice fixes various critical security vulnerabilities heap-overflow when parsing PPT files (CVE-2008-0320) various buffer-overflows while parsing QPRO files (CVE-2007-5745, CVE-2007-5747) out-of-bound memory access and a heap-overflow in the regex engine of libICU...
0.3AI Score
0.924EPSS
OpenOffice multiple security vulnerabilities
multiple buffer overflows and integer overflows on QPRO (Quattro Pro), EMF and Microsoft Office files...
4.9AI Score
0.924EPSS
iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Windows Enhanced Metafile...
0.5AI Score
0.219EPSS
iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. Object Linking and Embedding (OLE) is a proprietary binary file format developed by....
0.1AI Score
0.924EPSS
iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Quattro Pro (QPRO). This format....
AI Score
0.071EPSS
iDefense Security Advisory 04.17.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2008 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating systems. One of the file formats that OpenOffice supports is Quattro Pro (QPRO). This format....
0.3AI Score
0.128EPSS
BUGTRAQ ID: 28819 CVE(CAN) ID: CVE-2007-5745,CVE-2007-5747,CVE-2007-5746,CVE-2008-0320 OpenOffice是个整合性的软件,包含了许多文字处理、表格、公式等办公工具。 OpenOffice在解析文件中的Attribute和Font...
0.3AI Score
0.924EPSS
local privilege escalation in OpenOffice_org
This update of OpenOffice fixes various critical security vulnerabilities - heap-overflow when parsing PPT files (CVE-2008-0320) - various buffer-overflows while parsing QPRO files (CVE-2007-5745, CVE-2007-5747) (NLD9 not affected) - integer overflow while parsing EMF files (CVE-2007-5746) -...
5.2AI Score
0.924EPSS
Debian DSA-1547-1 : openoffice.org - several vulnerabilities
Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2007-5745, CVE-2007-5747 Several bugs have been discovered in the way OpenOffice.org parses Quattro...
0.3AI Score
0.924EPSS
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description...
7.9AI Score
0.071EPSS
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation...
8AI Score
0.924EPSS
Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer...
8AI Score
0.219EPSS
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description...
7.8AI Score
0.071EPSS
OpenOffice < 2.4 Multiple Vulnerabilities
The version of OpenOffice installed on the remote host is reportedly affected by several issues : Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms (CVE-2007-4770/4771). Heap overflow and arbitrary code execution vulnerabilities involving Quattro...
2.7AI Score
0.924EPSS
Sun OpenOffice.org < 2.4 Multiple Vulnerabilities
The version of Sun Microsystems OpenOffice.org installed on the remote host is affected by several issues : Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms (CVE-2007-4770/4771). Heap overflow and arbitrary code execution ...
1.1AI Score
0.924EPSS
3.1AI Score
FireGPG PGP Key Issuer Name HTML Injection Vulnerability
FireGPG is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the website that the application is triggered from,...
7.1AI Score
OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
Bugtraq ID: 26703 CVE: CVE-2007-4575 OpenOffice is prone to a code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary Java code in the context of the vulnerable application. Versions prior to OpenOffice 2.3.1 are vulnerable. Sun StarSuite 8 Sun StarOffice...
0.4AI Score
0.029EPSS
GLSA-200712-25 : OpenOffice.org: User-assisted arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-200712-25 (OpenOffice.org: User-assisted arbitrary code execution) The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Impact : A remote attacker could entice a user to open...
7.3AI Score
0.029EPSS
OpenOffice.org: User-assisted arbitrary code execution
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to.....
7.2AI Score
0.029EPSS
SuSE 10 Security Update : OpenOffice (ZYPP Patch Number 4320)
This update of OpenOffice_org fixes a bug in TIFF parsing code that leads to a heap overflow. (CVE-2007-2834) This bug can be exploited with user assistance to execute arbitrary...
7.2AI Score
0.926EPSS
OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents
Affects: OpenOffice 2.3.0 and 2.2.0 and possibly older versions I. Background OpenOffice is a opensource suite containing several programs to handle Office documents like text documents or spreadsheets. The latest version uses an XML based document format (ODF). OpenOffice allows documents to...
0.4AI Score
OpenOffice HSQLDB数据库引擎Java代码执行漏洞
BUGTRAQ ID: 26703 CVE(CAN) ID: CVE-2007-4575 OpenOffice是个整合性的软件,包含了许多文字处理、表格、公式等办公工具。 OpenOffice的数据库引擎HSQLDB实现上存在漏洞,远程攻击者可能利用此漏洞执行任意Java代码。 OpenOffice所捆绑的默认数据库引擎HSQLDB在解析SQL查询时没有正确地强制安全限制,如果用户受骗打开了恶意数据库文档中并执行了其中所包含的特制SQL查询的话,就可能导致调用任意静态的Java方式。 OpenOffice < 2.3.1 厂商补丁: Debian...
0.3AI Score
0.029EPSS
OpenOffice certificate information spoofing
It's possible to spoof information about certificate used for...
2AI Score