Lucene search
+L

53 matches found

CVE
CVE
added 2019/09/27 3:7 p.m.296 views

CVE-2019-9853

LibreOffice: CVE-2019-9853 — A URL decoding flaw in how macro URLs are processed and categorized lets an attacker craft a document that bypasses macro security settings, enabling arbitrary macro execution. Affected versions: LibreOffice 6.2 before 6.2.7 and 6.3 before 6.3.1. Remediation: update t...

7.8CVSS8.7AI score0.03188EPSS
Exploits1References17Affected Software1
NVD
NVD
added 2019/08/15 5:15 p.m.16 views

CVE-2019-14422

An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:file1?path2:file2 U...

8.8CVSS8.9AI score0.16391EPSS
Exploits6References2
OSV
OSV
added 2019/08/15 5:15 p.m.6 views

CVE-2019-14422

An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:file1?path2:file2 U...

8.8CVSS7.5AI score0.16391EPSS
Exploits6References2
Prion
Prion
added 2019/08/15 5:15 p.m.22 views

Open redirect

An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:file1?path2:file2 U...

6.8CVSS8.9AI score0.16391EPSS
Exploits6References2Affected Software1
CVE
CVE
added 2019/08/15 4:2 p.m.95 views

CVE-2019-14422

CVE-2019-14422 affects TortoiseSVN 1.12.1, where the tsvncmd: URI handler can perform a customised diff operation on Excel files via tsvncmd:command:diff?path:[file1]?path2:[file2]. For xls files, it runs diff-xls.js with wscript, opening files without macro security warnings and potentially exec...

8.8CVSS8.8AI score0.16391EPSS
Exploits6References2Affected Software1
Packet Storm
Packet Storm
added 2017/02/10 12:0 a.m.60 views

Apache OpenOffice Text Document Malicious Macro Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/zip' require 'cgi' class MetasploitModule "Apache OpenOffice Text Document Malicious Macro Execution", 'Description' = %q This module...

0.1AI score
Exploits0
0day.today
0day.today
added 2017/02/10 12:0 a.m.46 views

Apache OpenOffice Text Document Malicious Macro Execution Exploit

This Metasploit module generates an Apache OpenOffice Text Document with a malicious macro in it. To exploit successfully, the targeted user must adjust the security level in Macro Security to either Medium or Low. If set to Medium, a prompt is presented to the user to enable or disable the macro...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2017/02/08 10:29 p.m.58 views

Apache OpenOffice Text Document Malicious Macro Execution

This module generates an Apache OpenOffice Text Document with a malicious macro in it. To exploit successfully, the targeted user must adjust the security level in Macro Security to either Medium or Low. If set to Medium, a prompt is presented to the user to enable or disable the macro. If set to...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.20 views

Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64

A flaw was found in the way OpenOffice.org enforced a macro security setting for macros, written in the Python scripting language, that were embedded in OpenOffice.org documents. If a user were tricked into opening a specially crafted OpenOffice.org document and previewed the macro directory...

9.3CVSS5.3AI score0.10511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.22 views

Scientific Linux Security Update : openoffice.org2 on SL4.x i386/x86_64

A flaw was found in the way OpenOffice.org enforced a macro security setting for macros, written in the Python scripting language, that were embedded in OpenOffice.org documents. If a user were tricked into opening a specially crafted OpenOffice.org document and previewed the macro directory...

9.3CVSS5.3AI score0.10511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.33 views

SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 7079)

This update of OpenOfficeorg fixes the following security issue : - Arbitrary macros written in Python can be executed by bypassing macro security permissions. CVE-2010-0395 It also provides the maintenance update to OpenOffice.org-3.2.1. Details about all upstream changes can be found at...

9.3CVSS5.4AI score0.10511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/11/07 12:0 a.m.25 views

Mandriva Linux Security Advisory : openoffice.org (MDVSA-2010:221)

Multiple vulnerabilities was discovered and corrected in the OpenOffice.org : Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow CVE-2009-2949. Heap-based buffer overflow allows remote attackers to cause a denial of...

9.3CVSS8.6AI score0.14092EPSS
Exploits1References8
Cent OS
Cent OS
added 2010/06/15 4:14 p.m.64 views

openoffice.org security update

CentOS Errata and Security Advisory CESA-2010:0459 Updated openoffice.org packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

9.3CVSS5.8AI score0.10511EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2010/06/11 12:0 a.m.29 views

RedHat Update for openoffice.org RHSA-2010:0459-01

Check for the Version of openoffice.org OpenVAS Vulnerability Test RedHat Update for openoffice.org RHSA-2010:0459-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

9.3CVSS6.5AI score0.10511EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2010/06/07 7:24 p.m.54 views

Moderate: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.3CVSS5.8AI score0.10511EPSS
Exploits0References2
Prion
Prion
added 2010/02/16 7:30 p.m.104 views

Code injection

OpenOffice.org OOo 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications VBA macro security settings, which allows remote attackers to run arbitrary macros via a crafted document...

9.3CVSS7.1AI score0.08127EPSS
Exploits1References11Affected Software3
CVE
CVE
added 2010/02/16 7:0 p.m.91 views

CVE-2010-0136

CVE-2010-0136 affects OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 where VBA macro security settings are not properly enforced, enabling remote attackers to execute arbitrary macros via crafted documents. The issue stems from insufficient enforcement of VBA macro security in the ooo-build/OpenOff...

9.3CVSS6.5AI score0.08127EPSS
Exploits1References11Affected Software1
Debian
Debian
added 2010/02/12 8:39 p.m.39 views

[Backports-security-announce] Security Update for openoffice.org

Rene Engelhard uploaded a new package for openoffice.org which fixed the following security problems: CVE-2010-0136 It was discovered that macro security settings were insufficiently enforced for VBA macros. CVE-2009-0217 It was discovered that the W3C XML Signature recommendation contains a...

9.3CVSS2.8AI score0.14092EPSS
Exploits1
Debian
Debian
added 2010/02/12 8:39 p.m.36 views

[Backports-security-announce] Security Update for openoffice.org

Rene Engelhard uploaded a new package for openoffice.org which fixed the following security problems: CVE-2010-0136 It was discovered that macro security settings were insufficiently enforced for VBA macros. CVE-2009-0217 It was discovered that the W3C XML Signature recommendation contains a...

9.3CVSS7.5AI score0.14092EPSS
Exploits1
Debian
Debian
added 2010/02/12 6:23 p.m.53 views

[SECURITY] [DSA 1995-1] New openoffice.org packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1995-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 12, 2010 http://www.debian.org/security/faq -...

9.3CVSS10AI score0.14092EPSS
Exploits1
Rows per page
Query Builder