CVE-2014-5236

Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted 1 OLE Object or 2 image in an OpenDocument text file...

Path traversal

Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted 1 OLE Object or 2 image in an OpenDocument text file...

CVE-2014-5238

XML external entity XXE vulnerability in Open-Xchange OX AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document...

Xxe

XML external entity XXE vulnerability in Open-Xchange OX AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document...

CVE-2014-5238

CVE-2014-5238 concerns an XML external entity (XXE) vulnerability in Open-Xchange AppSuite. The OpenDocument Text handling allows expansion of XML entities (DTD recursive entities), enabling an attacker to read server files via a crafted document. The NVD entry notes the affected products as Open...

Open Document format creates twist in maldoc landscape

By Warren Mercer and Paul Rascagneres. Introduction Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed...

volunteercommissioner.gov.cy XSS vulnerability

Open Bug Bounty ID: OBB-665895 Description| Value ---|--- Affected Website:| volunteercommissioner.gov.cy Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code Execution vulnerability(CVE-2018-3845)

Summary An exploitable double free exists in the OpenDocument to JPEG conversion functionality of the Hyland Perspective Document Filters version 11.4.0.2647. A crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution. Tested Versions Perceptive...

Hyland Perceptive Document Filters SkCanvas Object Double Release Vulnerability

Hyland Perceptive Document Filters is a toolkit that allows application developers to recognize and extract metadata, as well as convert and render almost any document type. Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux A SkCanvas object double release vulnerability exist...

Hyland Perceptive Document Filters SkCanvas Object Double Release Vulnerability

Hyland Perceptive Document Filters is a toolkit that allows application developers to recognize and extract metadata, as well as convert and render almost any document type. Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux A SkCanvas object double release vulnerability exist...

Double free

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

CVE-2018-3855

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

CVE-2018-3855

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

CVE-2018-3855

CVE-2018-3855 affects Hyland Perceptive Document Filters 11.4.0.2647. The DOC-to-HTML conversion path contains updateNumbering code that can be triggered by a crafted OpenDocument, causing a stack-based overflow/incorrect writes and remote code execution. Public writeups (Talos report TALOS-2018-...

CVE-2018-3845

CVE-2018-3845 affects Hyland Perceptive Document Filters 11.4.0.2647 (x86/x64 Windows/Linux) and related builds, in the OpenDocument to JPEG conversion path. The root cause is a double release/double free of a SkCanvas object during the conversion process, caused by a faulty lifecycle/destruction...

CVE-2018-3845

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

CVE-2018-3855

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution...

PT-2018-16249 · Hyland · Hyland Perceptive Document Filters

Name of the Vulnerable Software and Affected Versions: Hyland Perceptive Document Filters version 11.4.0.2647 Description: A crafted OpenDocument document can lead to a SkCanvas object double free, resulting in direct code execution. Recommendations: For version 11.4.0.2647, consider avoiding the...

Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code Execution vulnerability

Summary An exploitable double free exists in the OpenDocument to JPEG conversion functionality of the Hyland Perspective Document Filters version 11.4.0.2647. A crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution. Tested Versions Perceptive...

GLSA-201703-01 : OpenOffice: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201703-01 OpenOffice: User-assisted execution of arbitrary code An exploitable out-of-bounds vulnerability exists in OpenOffice Impress when handling MetaActions. Impact : A remote attacker could entice a user to open a specially...