Opera may execute command line embedded in URLs

Opera for UNIX uses a wrapper shell script to start up Opera.This shell script reads the input arguments, like the file namesor URLs that Opera is to open. It also performs some environmentchecks, for example whether Java is available and if so, where itis located.This wrapper script can also run...

opera -- command line URL shell command injection

An Opera Advisory reports: Opera for UNIX uses a wrapper shell script to start up Opera. This shell script reads the input arguments, like the file names or URLs that Opera is to open. It also performs some environment checks, for example whether Java is available and if so, where it is located...

Fedora Core 3 : openoffice.org-1.1.3-11.5.0.fc3 (2005-316)

This update fixes many International Input issues with the IIIMF input framework, and also fixes the CVE-2005-0941 security issue recently made public. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempte...

Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2005:082)

AD-LAB discovered a heap overflow in the StgCompObjStream::Load function when OpenOffice.org processes DOC documents. If an attacker created a malicious DOC document that contained a specially crafted header, it could execute arbitrary code with the rights of the user running OpenOffice.org. The...

openoffice.org security update

CentOS Errata and Security Advisory CESA-2005:375 Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a wo...

Important: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager,...

RHEL 4 : openoffice.org (RHSA-2005:375)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:375 advisory. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula...

GLSA-200504-13 : OpenOffice.Org: DOC document Heap Overflow

The remote host is affected by the vulnerability described in GLSA-200504-13 OpenOffice.Org: DOC document Heap Overflow AD-LAB has discovered a heap overflow in the 'StgCompObjStream::Load' function when processing DOC documents. Impact : An attacker could design a malicious DOC document containi...

OpenOffice.Org: DOC document Heap Overflow

Background OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. Description AD-LAB has discovered a heap overflow in the "StgCompObjStream::Load" function when processing D...

CVE-2005-0941

The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain...

Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2004:103)

A vulnerability in OpenOffice.org was reported by pmladek where a local user may be able to obtain and read documents that belong to another user. The way that OpenOffice.org created temporary files, which used the user's umask to create the file, could potentially allow for other users to have...

Moderate: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages that fix a security issue in temporary file handling are now available. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Secunia...

RHEL 3 : openoffice.org (RHSA-2004:446)

Updated openoffice.org packages that fix a security issue in temporary file handling are now available. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Secunia...

GLSA-200405-04 : OpenOffice.org vulnerability when using DAV servers

The remote host is affected by the vulnerability described in GLSA-200405-04 OpenOffice.org vulnerability when using DAV servers OpenOffice.org includes code from the Neon library in functions related to publication on WebDAV servers. This library is vulnerable to several format string attacks...

Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2004:078)

The OpenOffice.org office suite contains an internal libneon library which allows it to connect to WebDAV servers. This internal library is subject to the same vulnerabilities that were fixed in libneon recently. These updated packages contain fixes to libneon to correct the several format string...

Important: Red Hat Security Advisory: openoffice.org security update

Updated OpenOffice packages that fix a vulnerability in neon exploitable by a malicious DAV server are now available. OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. OpenOffice internally uses inbuilt code from neon, an HTTP and WebDAV client...