72 matches found
DEBIAN-CVE-2020-12803
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need f...
Description of the Office 2010 update: September 10, 2013
Description of the Office 2010 update: September 10, 2013 INTRODUCTION Microsoft has released an update for Microsoft Office 2010. This update provides the latest fix for the 32-bit and 64-bit editions of Office 2010. Additionally, this update contains stability and performance improvements. Issu...
CVE-2020-6223
The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content...
CVE-2018-3983
An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...
libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning
It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system...
DEBIAN-CVE-2018-12392
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
CVE-2018-4038
An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...
Design/Logic Flaw
An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...
CVE-2018-4038
An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...
CVE-2018-4038
An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...
CVE-2018-4038
CVE-2018-4038 is a memory-corruption, arbitrary-write vulnerability in the Atlantis Word Processor open document format parser. Cisco Talos details show the issue stems from an insecure length handling in the NewAnsiString path within the parser’s buffer/heap management (text processing via LStrS...
Atlantis Word Processor open document format parser security vulnerability
Atlantis Word Processor is a suite of word processor software from the Atlantis Word Processor team. open document format parser is one of the open document format parsers. A security vulnerability exists in the open document format parser in Atlantis Word Processor versions 3.2.7.1 and 3.2.7.2. ...
Mozilla: Crash with nested event loops
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
CVE-2018-3982
An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an...
Adobe Acrobat/Reader Security Bypass Vulnerability (CNVD-2018-11736)
Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat/Reader has a security bypass vulnerability. Remote attackers can be induced...
CVE-2018-3845
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...
PT-2018-16239 · Hyland · Hyland Perceptive Document Filters
Name of the Vulnerable Software and Affected Versions: Hyland Perceptive Document Filters versions 11.4.0.2647 and later, prior to the fixed version, are not specified, however, it is clear that version 11.4.0.2647 is affected. Description: A crafted OpenDocument document can cause a SkCanvas...
LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities (Mac OS X)
A version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Mac OS X host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters: - Excel .xls - Windows Meta File .wmf - Open Document Format .odg / .odt This could allow a remo...
LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities
A version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters: - Excel .xls - Windows Meta File .wmf - Open Document Format .odg / .odt This could allow a remot...
LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities (Mac OS X)
This host is installed with LibreOffice and is prone to buffer overflow vulnerabilities. OpenVAS Vulnerability Test $Id: gblibreofficexmlmanifestbofvulnmacosx.nasl 5888 2017-04-07 09:01:53Z teissa $ LibreOffice XML Manifest Handling Buffer Overflow Vulnerabilities Mac OS X Authors: Rachana Shetty...