LibreOffice, OpenOffice Security Vulnerabilities

OpenOffice HSQLDB数据库引擎未明JAVA代码执行漏洞

OpenOffice是一款开放冤代码的办公应用软件。 OpenOffice的第三方模块HSQLDB数据库引擎(默认安装)存在未明安全问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意Java代码。 目前没有详细漏洞细节提供。 RedHat Enterprise Linux Optional Productivity Application v.5 server RedHat Enterprise Linux Desktop v.5 client RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat...

CVE-2007-4575

HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java...

Immunity Canvas: OOO_230

Name| ooo_230 ---|--- CVE| CVE-2007-4575 Exploit Pack| CANVAS Description| OpenOffice Database 2.3.0 Static Java Execution Notes| CVE Name: CVE-2007-4575 VENDOR: OpenOffice Repeatability: Infinite (client side - no crash) CVS URL: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575...

Design/Logic Flaw

HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java...

Sun OpenOffice.org < 2.3.1 Database HSQLDB Database Document Handling Arbitrary Java Code Execution

The remote host is running a version of Sun Microsystems OpenOffice.org that contains an arbitrary code execution vulnerability in its HSQLDB database engine. If a remote attacker can trick a user into opening a specially crafted database, this issue can be leveraged to execute arbitrary static...

OpenOffice HSQLDB Document Handling Java Code Injection

The remote host is running a version of OpenOffice.org that is affected by a remote code execution flaw. The root of the flaw appears to be the HSQLDB database engine. An attacker exploiting this flaw would need to be able to convince a user to open a file that was handled by the OpenOffice...

hsqldb / OpenOffice code execution

It's possible to execute Java code embedded to OpenOffice database...

Web Mayhem: Firefox’s JAR: Protocol issues

Web Mayhem: Firefox’s JAR: Protocol issues published: November 7th, 2007 One of the things that we enjoy the most, here in GNUCITIZEN, is finding issues with features. Unlike bugs, insecure features tend to be more severe and usually last longer due to uneasy and rather long decision making...

Ubuntu 6.06 LTS / 6.10 / 7.04 : openoffice.org/-amd64 vulnerability (USN-524-1)

An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly...

Ubuntu 6.06 LTS / 6.10 / 7.04 : openoffice.org(2)/-amd64 vulnerability (USN-482-1)

John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the...

Ubuntu 5.10 : openoffice.org2-amd64, openoffice.org2 vulnerabilities (USN-313-2)

USN-313-1 fixed several vulnerabilities in OpenOffice for Ubuntu 5.04 and Ubuntu 6.06 LTS. This followup advisory provides the corresponding update for Ubuntu 5.10. For reference, these are the details of the original USN : It was possible to embed Basic macros in documents in a way that...

Update Protection against OpenOffice TIFF File Parsing Integer Overflow Vulnerability

An integer overflow vulnerability has been identified in the OpenOffice software suite. OpenOffice is an open source office suite that is capable of processing several types of graphic document formats, including the Tagged Image File Format (TIFF). A remote attacker could exploit this issue via a....

GLSA-200710-24 : OpenOffice.org: Heap-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200710-24 (OpenOffice.org: Heap-based buffer overflow) iDefense Labs reported that the TIFF parsing code uses untrusted values to calculate buffer sizes, which can lead to an integer overflow resulting in heap-based buffer...

OpenOffice.org: Heap-based buffer overflow

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description iDefense Labs reported that the TIFF parsing code uses untrusted values to calculate...

OpenOffice.org vulnerability

Releases Ubuntu 7.04 Ubuntu 6.10 Ubuntu 6.06 Packages openoffice.org - openoffice.org-amd64 - Details An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with...

OpenOffice integer overflow

Integer overflow on TIFF images...

openoffice -- arbitrary command execution vulnerability

iDefense reports: Remote exploitation of multiple integer overflow vulnerabilities within OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code. These vulnerabilities exist within the TIFF parsing code...

iDefense Security Advisory 09.17.07: Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities

Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities iDefense Security Advisory 09.17.07 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 17, 2007 I. BACKGROUND OpenOffice is an open-source desktop office suite for many of today's popular operating...

CVE-2007-2834

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of...

Integer overflow

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of...

OpenOffice < 2.3 TIFF Parser Multiple Overflows

The remote Windows host has a program that is affected by multiple buffer overflow vulnerabilities. The remote host is running a version of OpenOffice.org that is affected by multiple integer overflows in its TIFF document parser that can be triggered when parsing tags in TIFF directory entries. .....

Sun OpenOffice.org < 2.3 TIFF Parser Buffer Overflow Vulnerabilities

The remote host is running a version of Sun Microsystems OpenOffice.org that is affected by multiple integer overflows in its TIFF document parser that can be triggered when parsing tags in TIFF directory entries. If a remote attacker can trick a user into opening a specially crafted TIFF...

OpenOffice TIFF文件解析缓冲区溢出漏洞

OpenOffice是一款开放源代码的文字处理应用程序。 OpenOffice处理TIFF文件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 构建恶意的TIFF文件，诱使用户打开可触发漏洞，目前没有详细漏洞细节提供。 OpenOffice OpenOffice 2.3 OpenOffice OpenOffice 2.2.1 OpenOffice OpenOffice 2.0.4 OpenOffice OpenOffice 1.1.3 + Gentoo Linux + RedHat Fedora Core3 + Ubuntu Ubuntu Linux 5.0...

CVE-2007-4251

OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of...

Denial of service

OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of...

Fuzzing in Microsoft Word overflow analysis and use-vulnerability and early warning-the black bar safety net

This article has been published in the hacker line of Defense of the 2 0 0 7 years 7 monthly. The author and the hacker line of Defense on the retention of copyright, reproduced, please indicate the original source. For the reader: overflow of lovers Pre-knowledge: Assembly language, buffer...

OpenOffice.org vulnerability

Releases Ubuntu 7.04 Ubuntu 6.10 Ubuntu 6.06 Details John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user...

GLSA-200707-02 : OpenOffice.org: Two buffer overflows

The remote host is affected by the vulnerability described in GLSA-200707-02 (OpenOffice.org: Two buffer overflows) John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the 'prdata' tag in RTF files where the first token is smaller than the second one...

OpenOffice.org: Two buffer overflows

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing...

OpenOffice RTF文件解析器远程堆溢出漏洞

OpenOffice是个整合性的软件，包含了许多文字处理、表格、公式等办公工具。 OpenOffice在处理带有畸形数据的RTF文档时存在漏洞，远程攻击者可能利用此漏洞控制用户机器。 在解析文件中的prtdata标签时，OpenOffice的RTF解析器基于第一个令牌分配内存，但却拷贝了第二个令牌的内容，因此如果将第一个令牌的值设置得比第二个令牌长度小的话，就可以覆盖堆数据。远程攻击者可以通过诱骗用户打开恶意RTF文件来触发这个溢出，导致执行任意指令。 OpenOffice OpenOffice &lt; 2.2.1 Debian ...

OpenOffice Detection

OpenOffice is installed on the remote...

Sun OpenOffice.org RTF Parser prtdata Tag Buffer Overflow

The remote host is running a version of Sun Microsystems OpenOffice.org that is affected by a heap-based buffer overflow in its RTF document parser that is triggered when parsing 'prtdata' tags. If a remote attacker can trick a user into opening a specially crafted RTF document, he can execute...

CentOS 3 / 4 / 5 : openoffice / openoffice.org (CESA-2007:0406)

Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...

OpenOffice buffer overflow

Ivalid dynamic memory allocation on RTF document prtdata tag...

High risk vulnerability in OpenOffice RTF parser

John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute...

CVE-2007-0245

Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be...

Heap overflow

Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be...

OpenOffice Version Information

The remote host is running the OpenOffice suite of business...

OpenOffice Writer DoS

Crash on .otp files...

OpenOffice 2.2 Writer Component - Remote Denial of Service

...

OpenOffice 2.2 Writer Component - Remote Denial of Service

OpenOffice 2.2 Writer Component - Remote Denial of...

RHEL 5 : libwpd (RHSA-2007:0055)

Updated libwpd packages to correct a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. libwpd is a library for reading and converting Word Perfect documents. iDefense reported...

GLSA-200704-12 : OpenOffice.org: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200704-12 (OpenOffice.org: Multiple vulnerabilities) John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the StarCalc parser and an input validation error when processing metacharacters in a link....

OpenOffice.org: Multiple vulnerabilities

Background OpenOffice.org is an open source office productivity suite, including word processing, spreadsheet, presentation, drawing, data charting, formula editing, and file conversion facilities. Description John Heasman of NGSSoftware has discovered a stack-based buffer overflow in the...

Sun OpenOffice.org < 2.2 Multiple Vulnerabilities

The remote host is running a version of Sun Microsystems OpenOffice.org that is prior to version 2.2. It is, therefore, affected by a stack-based buffer overflow vulnerability in its handling of StarCalc documents. If a remote attacker can trick a user into opening a specially crafted StarCalc...

High Risk Vulnerability in OpenOffice

John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of StarCalc documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2. If an attacker can coax a user into opening a specially crafted StarCalc document then the attacker can...

Multiple OpenOffice security vulnerabilities

Shell characters problem on document open, code...

OpenOffice StarCalc解析器未明缓冲区溢出漏洞

OpenOffice是一款开放源代码的文字处理程序。 OpenOffice StarCalc解析器存在缓冲区溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 S.u.S.E. SUSE Linux Enterprise Desktop 10 S.u.S.E. SLE SDK 10 S.u.S.E. openSUSE 10.2 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Desktop 1.0 S.u.S.E. Linux 9.3 x86 S.u.S.E. Linux 10.1 x86-64...

(RHSA-2007:0069) Important: openoffice.org security update

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. John Heasman discovered a stack overflow in the StarCalc parser in OpenOffice. An attacker could create a carefully...

Stack overflow

Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long...