34 matches found
CVE-2025-64407
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...
EUVD-2025-124979
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...
CVE-2025-64407
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...
CVE-2025-64407
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...
EUVD-2025-124980
Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache...
EUVD-2025-124971
An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...
CVE-2025-64406
An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...
CVE-2025-64403
Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache...
CVE-2025-64406
An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...
CVE-2025-64401
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...
CVE-2025-64406
CVE-2025-64406 affects Apache OpenOffice up to 4.1.15. It is an out-of-bounds write vulnerability that could crash the program or corrupt memory when a crafted document is processed. Upgrading to OpenOffice 4.1.16 fixes the issue. CVSSv3.1 base score 4.3 (MEDIUM) with network attack vector, low c...
CVE-2025-64406 Apache OpenOffice: Possible memory corruption during CSV import
An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...
CVE-2025-64405 Apache OpenOffice: Remote documents loaded without prompt via DDE function
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to...
CVE-2025-64404 Apache OpenOffice: Remote documents loaded without prompt via background and bullet images
Apache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used backgrou...
CVE-2025-64402 Apache OpenOffice: Remote documents loaded without prompt via OLE objects
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...
CVE-2025-64401
Apache OpenOffice is affected by a vulnerability where documents with floating frames linked to external files can load external content without user permission. Root cause: missing Authorization to load external links. Affected versions: Apache OpenOffice up to 4.1.15. Impact: loading external f...
Apache OpenOffice 安全漏洞
Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. A security bypass vulnerability exists in Apache OpenOffice, which can be exploited by attackers to...
PT-2025-46582
Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions through 4.1.15 Description Apache OpenOffice documents can contain links. A missing authorization check in Apache OpenOffice allowed an attacker to create a document that would load external links without user...
PT-2025-46561
Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions through 4.1.15 Description An out-of-bounds Write issue exists in Apache OpenOffice. An attacker could create a malicious document that causes the program to crash or corrupt memory. Recommendations Upgrade to versio...
CVE-2024-50513
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPXPO PostX ultimate-post allows Stored XSS.This issue affects PostX: from n/a through = 4.1.15...