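OpenOffice HSQLDB Database Engine Unspecified Java Code Execution Vulnerability
OpenOffice is an open-source office application suite. The HSQLDB database engine, a third-party module of OpenOffice (installed by default), has an unspecified security issue; a remote attacker can exploit the vulnerability to execute arbitrary Java code with the privileges of the application process. No detailed vulnerability information is currently available. RedHat Enterprise Linux Optional Productivity Application v.5 server RedHat Enterprise Linux Desktop v.5 client RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat...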
7AI Score
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java...
7.8AI Score
0.029EPSS
Name | ooo_230
---|---
CVE | CVE-2007-4575
Exploit Pack | CANVAS
Description | OpenOffice Database 2.3.0 Static Java Execution
Notes | CVE Name: CVE-2007-4575 VENDOR: OpenOffice Repeatability: Infinite (client side - no crash) CVS URL: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575...
0.8AI Score
0.029EPSS
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java...
7.2AI Score
0.029EPSS
Sun OpenOffice.org < 2.3.1 Database HSQLDB Database Document Handling Arbitrary Java Code Execution
The remote host is running a version of Sun Microsystems OpenOffice.org that contains an arbitrary code execution vulnerability in its HSQLDB database engine. If a remote attacker can trick a user into opening a specially crafted database, this issue can be leveraged to execute arbitrary static...
7.5AI Score
0.029EPSS
OpenOffice HSQLDB Document Handling Java Code Injection
The remote host is running a version of OpenOffice.org that is affected by a remote code execution flaw. The root of the flaw appears to be the HSQLDB database engine. An attacker exploiting this flaw would need to be able to convince a user to open a file that was handled by the OpenOffice...
4AI Score
hsqldb / OpenOffice code execution
It's possible to execute Java code embedded in OpenOffice database...
2AI Score
0.029EPSS
Web Mayhem: Firefox’s JAR: Protocol issues
Published: November 7th, 2007. One of the things that we enjoy the most, here in GNUCITIZEN, is finding issues with features. Unlike bugs, insecure features tend to be more severe and usually last longer due to uneasy and rather long decision making...
-0.3AI Score
Ubuntu 6.06 LTS / 6.10 / 7.04 : openoffice.org/-amd64 vulnerability (USN-524-1)
An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly...
7.2AI Score
0.926EPSS
Ubuntu 6.06 LTS / 6.10 / 7.04 : openoffice.org(2)/-amd64 vulnerability (USN-482-1)
John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the...
7AI Score
0.666EPSS
Ubuntu 5.10 : openoffice.org2-amd64, openoffice.org2 vulnerabilities (USN-313-2)
USN-313-1 fixed several vulnerabilities in OpenOffice for Ubuntu 5.04 and Ubuntu 6.06 LTS. This followup advisory provides the corresponding update for Ubuntu 5.10. For reference, these are the details of the original USN : It was possible to embed Basic macros in documents in a way that...
7.3AI Score
0.021EPSS
Update Protection against OpenOffice TIFF File Parsing Integer Overflow Vulnerability
An integer overflow vulnerability has been identified in the OpenOffice software suite. OpenOffice is an open source office suite that is capable of processing several types of graphic document formats, including the Tagged Image File Format (TIFF). A remote attacker could exploit this issue via a....
7.1AI Score
0.926EPSS
GLSA-200710-24 : OpenOffice.org: Heap-based buffer overflow
The remote host is affected by the vulnerability described in GLSA-200710-24 (OpenOffice.org: Heap-based buffer overflow) iDefense Labs reported that the TIFF parsing code uses untrusted values to calculate buffer sizes, which can lead to an integer overflow resulting in heap-based buffer...
7.2AI Score
0.926EPSS
OpenOffice.org: Heap-based buffer overflow
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description iDefense Labs reported that the TIFF parsing code uses untrusted values to calculate...
7.2AI Score
0.926EPSS
Releases Ubuntu 7.04 Ubuntu 6.10 Ubuntu 6.06 Packages openoffice.org - openoffice.org-amd64 - Details An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with...
7.3AI Score
0.926EPSS
5.2AI Score
0.926EPSS
openoffice -- arbitrary command execution vulnerability
iDefense reports: Remote exploitation of multiple integer overflow vulnerabilities within OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code. These vulnerabilities exist within the TIFF parsing code...
7.5AI Score
0.926EPSS
Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities iDefense Security Advisory 09.17.07 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 17, 2007 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating...
0.8AI Score
0.926EPSS
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of...
7.7AI Score
0.926EPSS
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of...
8AI Score
0.926EPSS
OpenOffice < 2.3 TIFF Parser Multiple Overflows
The remote Windows host has a program that is affected by multiple buffer overflow vulnerabilities. The remote host is running a version of OpenOffice.org that is affected by multiple integer overflows in its TIFF document parser that can be triggered when parsing tags in TIFF directory entries. .....
4.7AI Score
Sun OpenOffice.org < 2.3 TIFF Parser Buffer Overflow Vulnerabilities
The remote host is running a version of Sun Microsystems OpenOffice.org that is affected by multiple integer overflows in its TIFF document parser that can be triggered when parsing tags in TIFF directory entries. If a remote attacker can trick a user into opening a specially crafted TIFF...
0.8AI Score
0.926EPSS
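OpenOffice is an open-source word processing application. OpenOffice has a buffer overflow in its handling of TIFF files; a remote attacker can exploit the vulnerability to execute arbitrary instructions with the privileges of the application process. The vulnerability is triggered by building a malicious TIFF file and enticing a user to open it; no detailed vulnerability information is currently available. OpenOffice OpenOffice 2.3 OpenOffice OpenOffice 2.2.1 OpenOffice OpenOffice 2.0.4 OpenOffice OpenOffice 1.1.3 + Gentoo Linux + RedHat Fedora Core3 + Ubuntu Ubuntu Linux 5.0...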
7AI Score
OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of...
6.6AI Score
0.018EPSS
OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of...
7.2AI Score
0.018EPSS
This article was published in the July 2007 issue of the hacker line of Defense. The author and the hacker line of Defense retain the copyright; if you reproduce it, please indicate the original source. Intended readers: overflow enthusiasts. Prerequisite knowledge: Assembly language, buffer...
-0.3AI Score
Releases Ubuntu 7.04 Ubuntu 6.10 Ubuntu 6.06 Details John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user...
6.8AI Score
0.666EPSS
GLSA-200707-02 : OpenOffice.org: Two buffer overflows
The remote host is affected by the vulnerability described in GLSA-200707-02 (OpenOffice.org: Two buffer overflows) John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the 'prdata' tag in RTF files where the first token is smaller than the second one...
0.6AI Score
0.666EPSS
OpenOffice.org: Two buffer overflows
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing...
7.5AI Score
0.666EPSS
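OpenOffice is an integrated software suite that includes word processing, spreadsheet, formula and other office tools. OpenOffice has a vulnerability when processing RTF documents containing malformed data, which a remote attacker may exploit to take control of the user's machine. When parsing the prtdata tag in a file, OpenOffice's RTF parser allocates memory based on the first token but copies the contents of the second token, so if the value of the first token is set smaller than the length of the second token, heap data can be overwritten. A remote attacker can trigger this overflow by tricking a user into opening a malicious RTF file, leading to execution of arbitrary instructions. OpenOffice OpenOffice < 2.2.1 Debian ...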
7.6AI Score
-0.2AI Score
Sun OpenOffice.org RTF Parser prtdata Tag Buffer Overflow
The remote host is running a version of Sun Microsystems OpenOffice.org that is affected by a heap-based buffer overflow in its RTF document parser that is triggered when parsing 'prtdata' tags. If a remote attacker can trick a user into opening a specially crafted RTF document, he can execute...
0.9AI Score
0.666EPSS
CentOS 3 / 4 / 5 : openoffice / openoffice.org (CESA-2007:0406)
Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...
0.6AI Score
0.666EPSS
Invalid dynamic memory allocation on RTF document prtdata tag...
4.6AI Score
0.666EPSS
High risk vulnerability in OpenOffice RTF parser
John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute...
0.9AI Score
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be...
7.6AI Score
0.666EPSS
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be...
7.8AI Score
0.666EPSS
1.6AI Score
2.1AI Score
7.4AI Score
OpenOffice 2.2 Writer Component - Remote Denial of Service
OpenOffice 2.2 Writer Component - Remote Denial of...
-0.2AI Score
RHEL 5 : libwpd (RHSA-2007:0055)
Updated libwpd packages to correct a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libwpd is a library for reading and converting Word Perfect documents. iDefense reported...
7.5AI Score
0.211EPSS
GLSA-200704-12 : OpenOffice.org: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200704-12 (OpenOffice.org: Multiple vulnerabilities) John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the StarCalc parser and an input validation error when processing metacharacters in a link....
0.5AI Score
0.55EPSS
OpenOffice.org: Multiple vulnerabilities
Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the...
7.4AI Score
0.55EPSS
Sun OpenOffice.org < 2.2 Multiple Vulnerabilities
The remote host is running a version of Sun Microsystems OpenOffice.org that is prior to version 2.2. It is, therefore, affected by a stack-based buffer overflow vulnerability in its handling of StarCalc documents. If a remote attacker can trick a user into opening a specially crafted StarCalc...
7.6AI Score
0.55EPSS
High Risk Vulnerability in OpenOffice
John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of StarCalc documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2. If an attacker can coax a user into opening a specially crafted StarCalc document then the attacker can...
0.8AI Score
0.55EPSS
Multiple OpenOffice security vulnerabilities
Shell characters problem on document open, code...
3.6AI Score
0.55EPSS
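OpenOffice StarCalc Parser Unspecified Buffer Overflow Vulnerability
OpenOffice is an open-source word processing program. The OpenOffice StarCalc parser has a buffer overflow issue; a remote attacker can exploit the vulnerability to execute arbitrary instructions with the privileges of the application process. No detailed vulnerability information is currently available. S.u.S.E. SUSE Linux Enterprise Desktop 10 S.u.S.E. SLE SDK 10 S.u.S.E. openSUSE 10.2 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Desktop 1.0 S.u.S.E. Linux 9.3 x86 S.u.S.E. Linux 10.1 x86-64...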
7AI Score
(RHSA-2007:0069) Important: openoffice.org security update
OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. John Heasman discovered a stack overflow in the StarCalc parser in OpenOffice. An attacker could create a carefully...
1.7AI Score
0.55EPSS
Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long...
7.9AI Score
0.55EPSS