Lucene search
K

218 matches found

securityvulns
securityvulns
added 2012/04/02 12:0 a.m.493 views

CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: libraptor - XXE in RDF/XML File Interpretation Release Date: 2012-03-24 Applications: libraptor / librdf...

4.3CVSS0.13682EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2012/03/26 12:0 a.m.28 views

FreeBSD : raptor/raptor2 -- XXE in RDF/XML File Interpretation (60f81af3-7690-11e1-9423-00235a5f2c9a)

Timothy D. Morgan reports : In December 2011, VSR identified a vulnerability in multiple open source office products including OpenOffice, LibreOffice, KOffice, and AbiWord due to unsafe interpretation of XML files with custom entity declarations. Deeper analysis revealed that the vulnerability w...

6.5CVSS6.4AI score0.13682EPSS
Exploits2References4
seebug.org
seebug.org
added 2012/03/23 12:0 a.m.42 views

OpenOffice ODF文档信息泄露漏洞

Bugtraq ID: 52681 CVE ID:CVE-2012-0037 OpenOffice是一款开放源代码的文字处理系统 OpenOffice.org存在一个XML外部实体攻击,处理ODF文档中某些XML组件中的外部实体时存在漏洞,通过构建外部实体引用其他本地文件系统资源,攻击者可以无需用户交互把本地内容注入到ODF文档中,导致信息泄露 0 OpenOffice 3.4 Beta OpenOffice 3.3 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息:...

4.3CVSS6.6AI score0.13682EPSS
Exploits2
NVD
NVD
added 2011/01/28 10:0 p.m.17 views

CVE-2010-4643

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Truevision TGA TARGA file in an ODF or Microsoft Office document...

9.3CVSS7.2AI score0.10102EPSS
Exploits0References22
Prion
Prion
added 2011/01/28 10:0 p.m.17 views

Heap overflow

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Truevision TGA TARGA file in an ODF or Microsoft Office document...

9.3CVSS8.7AI score0.10102EPSS
Exploits0References22Affected Software1
Cvelist
Cvelist
added 2011/01/28 9:13 p.m.17 views

CVE-2010-4643

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Truevision TGA TARGA file in an ODF or Microsoft Office document...

7.1AI score0.10102EPSS
Exploits0References22
CVE
CVE
added 2011/01/28 9:13 p.m.132 views

CVE-2010-4253

CVE-2010-4253 is confirmed in OpenOffice/OpenOffice Impress. The vulnerability is a heap-based buffer overflow in Impress of OpenOffice.org 2.x and 3.x (before 3.3) triggered by a crafted PNG inside an ODF or Microsoft Office document (e.g., PowerPoint), leading to a remote crash or possible arbi...

9.3CVSS7.1AI score0.10102EPSS
Exploits0References19Affected Software1
CVE
CVE
added 2011/01/28 9:13 p.m.147 views

CVE-2010-4643

OpenOffice.org/OpenOffice.org Impress (2.x–3.x) contains a heap-based buffer overflow in the TGA (Truevision TGA) image handling that can be triggered by a crafted TGA file embedded in ODF or Office documents, potentially causing crashes or arbitrary code execution. The CVE is referenced across m...

9.3CVSS7.1AI score0.10102EPSS
Exploits0References22Affected Software1
Cvelist
Cvelist
added 2011/01/28 9:13 p.m.27 views

CVE-2010-4253

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint aka PPT...

7.1AI score0.10102EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2011/01/28 12:55 p.m.4 views

OpenOffice.org: heap based buffer overflow when parsing TGA files

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Truevision TGA TARGA file in an ODF or Microsoft Office document...

9.3CVSS6.5AI score0.10102EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2011/01/28 12:0 a.m.38 views

CVE-2010-4643

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Truevision TGA TARGA file in an ODF or Microsoft Office document...

9.3CVSS6.4AI score0.10102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2011/01/28 12:0 a.m.7 views

PT-2011-1224 · Oracle +3 · Openoffice.Org +3

Name of the Vulnerable Software and Affected Versions: OpenOffice.org OOo versions 2.x through 3.x before 3.3 Description: The issue is related to a heap-based buffer overflow in Impress, which can be triggered by a crafted PNG file in an ODF or Microsoft Office document. This can cause a denial ...

9.3CVSS7.7AI score0.10731EPSS
Exploits0References41
UbuntuCve
UbuntuCve
added 2011/01/28 12:0 a.m.53 views

CVE-2010-4253

Heap-based buffer overflow in Impress in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint aka PPT...

9.3CVSS6.4AI score0.10102EPSS
Exploits0References2
Drupal
Drupal
added 2010/02/03 12:0 a.m.12 views

SA-CONTRIB-2010-012 - ODF Import - Access Bypass (possible Cross Site Scripting)

ODF Import module enables users of a Drupal site to import content created in the ODF format e.g. using OpenOffice.org. When importing content it always used an input format which might not be available to the user importing the content leading to a cross-site scripting XSS vulnerability. Such an...

6AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2008/04/17 12:0 a.m.26 views

OpenOffice < 2.4 Multiple Vulnerabilities

Binary data 4474.prm...

9.3CVSS8.1AI score0.57015EPSS
Exploits10References11
Tenable Nessus
Tenable Nessus
added 2008/04/17 12:0 a.m.44 views

Sun OpenOffice.org < 2.4 Multiple Vulnerabilities

The version of Sun Microsystems OpenOffice.org installed on the remote host is affected by several issues : - Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms CVE-2007-4770/4771. - Heap overflow and arbitrary code execution vulnerabilities...

9.3CVSS9.1AI score0.57015EPSS
Exploits10References10
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.18 views

openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-2652)

Following security problems were fixed in OpenOfficeorg : CVE-2007-0002: Various problems were fixed in the Wordperfect converter library libwpd in OpenOfficeorg which could be used by remote attackers to potentially execute code or crash OpenOfficeorg. CVE-2007-0238: A stack overflow in the...

9.3CVSS8.7AI score0.06722EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.26 views

openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-2682)

Following security problems were fixed in OpenOfficeorg : This update also brings OpenOfficeorg to version 2.0.4.17, same as SUSE Linux Enterprise Desktop 10 and contains lots of bugfixes. CVE-2007-0002: Various problems were fixed in the Wordperfect converter library libwpd in OpenOfficeorg whic...

9.3CVSS8.6AI score0.06722EPSS
Exploits0References3
Rows per page
Query Builder