CVE-2026-6040

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

CVE-2026-6040 Heap use-after-free in ODF number-format blank-width parsing

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

CVE-2026-6040 Heap use-after-free in ODF number-format blank-width parsing

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

PT-2026-49263

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

CVE-2021-25635

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...

Open-xchange OX App Suite 路径遍历漏洞

Open-xchange OX App Suite is a Web cloud desktop environment from Open-Xchange Open-xchange, a US-based company. The environment allows users to more intuitively manage email, tasks, files, etc. A directory traversal vulnerability exists in Open-xchange OX App Suite, which can be exploited by...

The vulnerability of the Apache OpenOffice office software, related to errors in checking the cryptographic signature, allows a hacker to modify the content of ODF documents.

The vulnerability of the Apache office software package is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to modify the content of ODF documents remotely...

DEBIAN-CVE-2021-25634

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...

LibreOffice 数据伪造问题漏洞

LibreOffice is an open source office software suite from The Document Foundation. LibreOffice suffers from a Data Forgery Problem vulnerability that stems from the application not properly checking the digital signatures of ODF documents. An attacker could use the vulnerability to change the...

DEBIAN-CVE-2020-12803

ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need f...

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

Design/Logic Flaw

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

CVE-2018-4038

CVE-2018-4038 is a memory-corruption, arbitrary-write vulnerability in the Atlantis Word Processor open document format parser. Cisco Talos details show the issue stems from an insecure length handling in the NewAnsiString path within the parser’s buffer/heap management (text processing via LStrS...

LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities (Mac OS X)

A version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Mac OS X host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters: - Excel .xls - Windows Meta File .wmf - Open Document Format .odg / .odt This could allow a remo...

LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities

A version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters: - Excel .xls - Windows Meta File .wmf - Open Document Format .odg / .odt This could allow a remot...

LibreOffice Import Files Denial of Service Vulnerabilities - Mac OS X

LibreOffice is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibreOffice Import Files Denial of Service Vulnerabilities - Windows

LibreOffice is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibreOffice Import Files Denial of Service Vulnerabilities (Windows)

This host is installed with LibreOffice and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gblibreofficemultfilesdosvulnwin.nasl 7174 2017-09-18 11:48:08Z asteins $ LibreOffice Import Files Denial of Service Vulnerabilities Windows Authors: Rachana Shetty Copyright:...