Lucene search
K

72 matches found

OSV
OSV
added 2020/06/08 4:15 p.m.1 views

DEBIAN-CVE-2020-12803

ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need f...

6.5CVSS6.2AI score0.01712EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2020/04/20 12:0 a.m.3 views

Description of the Office 2010 update: September 10, 2013

Description of the Office 2010 update: September 10, 2013 INTRODUCTION Microsoft has released an update for Microsoft Office 2010. This update provides the latest fix for the 32-bit and 64-bit editions of Office 2010. Additionally, this update contains stability and performance improvements. Issu...

6.4AI score
Exploits0
OSV
OSV
added 2020/04/14 7:15 p.m.7 views

CVE-2020-6223

The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content...

6.1CVSS5.8AI score0.00655EPSS
Exploits0References2
OSV
OSV
added 2019/10/31 9:15 p.m.4 views

CVE-2018-3983

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...

7.8CVSS6.2AI score0.01458EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2019/08/08 5:9 p.m.3 views

libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning

It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system...

9.8CVSS6AI score0.67321EPSS
Exploits10References5
OSV
OSV
added 2019/02/28 6:29 p.m.1 views

DEBIAN-CVE-2018-12392

When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...

9.8CVSS8.6AI score0.03425EPSS
Exploits0References1
OSV
OSV
added 2018/12/01 6:29 p.m.4 views

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

7.8CVSS6.2AI score0.01279EPSS
Exploits1References1
Prion
Prion
added 2018/12/01 6:29 p.m.11 views

Design/Logic Flaw

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

6.8CVSS7.7AI score0.01279EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/12/01 6:29 p.m.20 views

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

8.8CVSS8.1AI score0.01279EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/01 6:0 p.m.23 views

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

8.8CVSS7.7AI score0.01279EPSS
Exploits1References1
CVE
CVE
added 2018/12/01 6:0 p.m.64 views

CVE-2018-4038

CVE-2018-4038 is a memory-corruption, arbitrary-write vulnerability in the Atlantis Word Processor open document format parser. Cisco Talos details show the issue stems from an insecure length handling in the NewAnsiString path within the parser’s buffer/heap management (text processing via LStrS...

8.8CVSS7.7AI score0.01279EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/11/22 12:0 a.m.3 views

Atlantis Word Processor open document format parser security vulnerability

Atlantis Word Processor is a suite of word processor software from the Atlantis Word Processor team. open document format parser is one of the open document format parsers. A security vulnerability exists in the open document format parser in Atlantis Word Processor versions 3.2.7.1 and 3.2.7.2. ...

8.8CVSS7.1AI score0.01279EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/10/24 10:12 p.m.3 views

Mozilla: Crash with nested event loops

When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...

9.8CVSS7.3AI score0.03425EPSS
Exploits0References5
OSV
OSV
added 2018/10/01 8:29 p.m.4 views

CVE-2018-3982

An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an...

7.8CVSS6.2AI score
Exploits0References1
CNVD
CNVD
added 2018/05/16 12:0 a.m.2 views

Adobe Acrobat/Reader Security Bypass Vulnerability (CNVD-2018-11736)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat/Reader has a security bypass vulnerability. Remote attackers can be induced...

6.5CVSS6.8AI score0.10546EPSS
Exploits0References1
OSV
OSV
added 2018/04/26 8:29 p.m.3 views

CVE-2018-3845

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

8.8CVSS5.9AI score0.02749EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2018/04/26 12:0 a.m.5 views

PT-2018-16239 · Hyland · Hyland Perceptive Document Filters

Name of the Vulnerable Software and Affected Versions: Hyland Perceptive Document Filters versions 11.4.0.2647 and later, prior to the fixed version, are not specified, however, it is clear that version 11.4.0.2647 is affected. Description: A crafted OpenDocument document can cause a SkCanvas...

8.8CVSS8.7AI score0.02749EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/04/04 12:0 a.m.32 views

LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities (Mac OS X)

A version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Mac OS X host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters: - Excel .xls - Windows Meta File .wmf - Open Document Format .odg / .odt This could allow a remo...

4.3CVSS8.2AI score0.03482EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/04/04 12:0 a.m.36 views

LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities

A version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters: - Excel .xls - Windows Meta File .wmf - Open Document Format .odg / .odt This could allow a remot...

4.3CVSS8.3AI score0.03482EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2012/12/24 12:0 a.m.35 views

LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Mac OS X)

This host is installed with LibreOffice and is prone to buffer overflow vulnerabilities. OpenVAS Vulnerability Test $Id: gblibreofficexmlmanifestbofvulnmacosx.nasl 5888 2017-04-07 09:01:53Z teissa $ LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities Mac OS X Authors: Rachana Shetty...

7.5CVSS0.4AI score0.07006EPSS
Exploits0References2
Rows per page
Query Builder