Lucene search: ApacheOpenoffice

60 matches found

added 2015/04/28 2:0 p.m. | 214 views

CVE-2015-1774

CVE-2015-1774 affects LibreOffice and Apache OpenOffice via the HWP filter. A crafted HWP document can trigger an out-of-bounds write, allowing remote DoS or possible arbitrary code execution. Affected: LibreOffice before 4.3.7 and 4.4.x before 4.4.2; OpenOffice before 4.1.2. Remediation varies b...

CVSS 6.8 | AI score 7.7 | EPSS 0.07403

added 2018/05/01 4:0 p.m. | 182 views

CVE-2018-10583

CVE-2018-10583 is an information-disclosure vulnerability affecting LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 where processing a malicious ODT file can trigger an SMB connection (e.g., xlink:href=file://192.168.0.2/test.jpg) and disclose sensitive information. Public references and cha...

CVSS 7.5 | AI score 6.4 | EPSS 0.71895

added 2011/01/28 9:13 p.m. | 151 views

CVE-2010-3450

CVE-2010-3450 is a vulnerability in OpenOffice.org 2.x/3.x up to 3.3 where a directory traversal flaw in handling of XSLT JAR filter descriptions and OpenOffice.org Extension (.oxt) files (and, in some listings, related JAR/ZIP entries) allows remote attackers to overwrite arbitrary files via a c...

CVSS 9.3 | AI score 6.5 | EPSS 0.03019

added 2011/01/28 9:13 p.m. | 150 views

CVE-2010-3451

CVE-2010-3451 is a use-after-free vulnerability in OpenOffice.org’s oowriter (OOo) 2.x and 3.x up to before 3.3. It allows remote attackers to crash the application or potentially execute arbitrary code via malformed tables in an RTF document. The issue arises from insecure parsing of RTF tables,...

CVSS 9.3 | AI score 7 | EPSS 0.10918

added 2010/12/07 8:0 p.m. | 150 views

CVE-2010-4494

CVE-2010-4494 is a double-free vulnerability in libxml2 (notably 2.7.8 and related versions) used by Chrome and other products. The issue affects libxml2’s handling of XPath/XML entities and could allow a remote attacker to crash or potentially execute code via crafted XML input. Public advisorie...

CVSS 7.5 | AI score 7.8 | EPSS 0.01435

added 2010/06/10 12:0 a.m. | 147 views

CVE-2010-0395

CVE-2010-0395 affects OpenOffice.org 2.x/3.0 up to 3.2.0.x; a crafted OpenDocument Text file can bypass Python macro security restrictions and cause remote code execution by a user-assisted action when the macro directory is previewed. The underlying issue is insufficient enforcement of Python ma...

CVSS 9.3 | AI score 6.7 | EPSS 0.20596

added 2014/08/26 2:0 p.m. | 145 views

CVE-2014-3524

CVE-2014-3524 concerns Apache OpenOffice (and related LibreOffice/OpenOffice components) with a remote code execution risk via a crafted Calc spreadsheet. The NVD entry assigns CVSSv2 base score 9.3 (HIGH) and notes the issue affects OpenOffice before 4.1.1. Public details in connected documents ...

CVSS 9.3 | AI score 7.6 | EPSS 0.10661

added 2011/01/28 9:13 p.m. | 142 views

CVE-2010-4643

OpenOffice.org/OpenOffice.org Impress (2.x–3.x) contains a heap-based buffer overflow in the TGA (Truevision TGA) image handling that can be triggered by a crafted TGA file embedded in ODF or Office documents, potentially causing crashes or arbitrary code execution. The CVE is referenced across m...

CVSS 9.3 | AI score 7.1 | EPSS 0.04181

added 2011/01/28 9:13 p.m. | 140 views

CVE-2010-3454

OpenOffice.org/OpenOffice.org2/3.x before 3.3 is affected by multiple off-by-one and out-of-bounds write flaws in WW8DopTypography::ReadFromMem (OOo), triggered by crafted Word .DOC typography data. This can cause denial of service or arbitrary code execution. Remediation: apply the patched/OpenO...

CVSS 9.3 | AI score 7 | EPSS 0.08558

added 2017/11/20 8:0 p.m. | 139 views

CVE-2017-3157

CVE-2017-3157 affects Apache OpenOffice versions older than 4.1.4. The flaw arises in Calc/Writer when rendering embedded objects, enabling an attacker to craft a document that discloses files from the user’s filesystem (e.g., via hidden sections) and trick the user into saving/shipping the docum...

CVSS 5.5 | AI score 5.4 | EPSS 0.00433

added 2015/11/10 4:0 p.m. | 137 views

CVE-2015-5212

CVE-2015-5212 describes an integer underflow in LibreOffice (pre-4.4.5) and Apache OpenOffice (pre-4.1.2) when the document loads printer settings (PrinterSetup) with the document. A remote attacker can trigger memory corruption or potentially execute arbitrary code, via crafted ODF documents, le...

CVSS 6.8 | AI score 8.1 | EPSS 0.43027

added 2010/02/16 7:0 p.m. | 136 views

CVE-2009-3302

Summary (CVE-2009-3302): OpenOffice.org (OOo) Word import processing has a boundary error in sprmTSetBrc that can cause memory corruption. This vulnerability could allow a remote attacker to crash the application or potentially execute arbitrary code when processing crafted Word documents. The iss...

CVSS 9.3 | AI score 7 | EPSS 0.42759

added 2010/02/16 7:0 p.m. | 135 views

CVE-2009-2949

CVE-2009-2949 refers to an integer overflow in OpenOffice.org's XPM parsing, specifically the XPMReader path, causing a heap-based buffer overflow. The issue affects OpenOffice.org prior to 3.2 and can allow a remote attacker to execute arbitrary code by supplying a crafted XPM file. Multiple Ope...

CVSS 9.3 | AI score 6.9 | EPSS 0.55766

added 2010/02/16 7:0 p.m. | 135 views

CVE-2009-2950

CVE-2009-2950 is a heap-based buffer overflow in OpenOffice.org’s GIFLZWDecompressor (decode.cxx) that can be triggered by a crafted GIF file, potentially causing an application crash or arbitrary code execution. Affected product: OpenOffice.org prior to 3.2. Connected advisories (Debian, Red Hat...

CVSS 9.3 | AI score 7.1 | EPSS 0.22817

added 2011/01/28 9:13 p.m. | 134 views

CVE-2010-3453

CVE-2010-3453 affects OpenOffice.org upstream: WW8ListManager in oowriter handles Word .DOC WW8 list data; root cause is an out-of-bounds/heap write due to an unspecified list levels count in user-defined styles. Affected products are OpenOffice.org 2.x and 3.x prior to 3.3. Consequences include ...

CVSS 9.3 | AI score 7 | EPSS 0.08558

added 2010/02/16 7:0 p.m. | 128 views

CVE-2009-3301

CVE-2009-3301: OpenOffice.org before 3.2 is affected by a memory corruption in sprmTDefTable when parsing Word documents, caused by an underflow in a Word table property modifier. This can trigger a denial of service (crash) and potentially allow arbitrary code execution if a crafted Word docume...

CVSS 9.3 | AI score 7 | EPSS 0.42759

added 2011/01/28 9:13 p.m. | 125 views

CVE-2010-4253

CVE-2010-4253 is confirmed in OpenOffice/OpenOffice Impress. The vulnerability is a heap-based buffer overflow in Impress of OpenOffice.org 2.x and 3.x (before 3.3) triggered by a crafted PNG inside an ODF or Microsoft Office document (e.g., PowerPoint), leading to a remote crash or possible arbi...

CVSS 9.3 | AI score 7.1 | EPSS 0.06232

added 2012/08/06 6:0 p.m. | 125 views

CVE-2012-2665

CVE-2012-2665 affects OpenOffice.org and LibreOffice prior to 3.5.5. The issue is a heap-based buffer overflow in the XML manifest encryption tag parsing when processing Open Document Text (.odt) files. An attacker could craft an ODT with (1) a child tag under an incorrect parent, (2) duplicate t...

CVSS 7.5 | AI score 6.9 | EPSS 0.05396

added 2015/11/10 4:0 p.m. | 125 views

CVE-2015-4551

CVE-2015-4551: LibreOffice (before 4.4.5) and Apache OpenOffice (before 4.1.2) may disclose local-file data via crafted documents by processing LinkUpdateMode configuration data stored in OpenDocument Format templates/files. Connected sources confirm the affected versions and the root cause in Op...

CVSS 4.3 | AI score 7 | EPSS 0.07753

added 2011/01/28 9:13 p.m. | 124 views

CVE-2010-3452

CVE-2010-3452 is a use-after-free in OpenOffice.org’s oowriter that can crash the application or, potentially, allow arbitrary code execution via crafted RTF tags. Affected: OpenOffice.org 2.x/3.x before 3.3. Remediation: apply vendor security updates; advisories from multiple vendors (openSUSE/S...

CVSS 9.3 | AI score 7 | EPSS 0.10918

added 2015/11/10 4:0 p.m. | 116 views

CVE-2015-5213

CVE-2015-5213 is an integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, triggered by parsing long DOC documents, causing memory corruption and possible remote code execution or crash (DoS). Multiple connected advisories confirm this class of flaw and identify affected...

CVSS 6.8 | AI score 8.3 | EPSS 0.18017

added 2015/11/10 4:0 p.m. | 114 views

CVE-2015-5214

CVE-2015-5214 affects LibreOffice and Apache OpenOffice. The vulnerability arises from incorrect handling of bookmark indices in DOC files, allowing a remote attacker to trigger memory corruption and application crash or to execute arbitrary code. Affected versions include LibreOffice prior to 4....

CVSS 6.8 | AI score 7.8 | EPSS 0.29516

added 2019/12/20 1:55 p.m. | 113 views

CVE-2012-5639

CVE-2012-5639 affects OpenOffice/LibreOffice where embedded content is opened automatically without a warning. Public references in Nessus/NCSC suggest OpenOffice has received fixes in OpenOffice 4.1.15, addressing this and related CVEs (e.g., CVE-2023-47804, CVE-2023-1183, CVE-2022-43680). The p...

CVSS 6.5 | AI score 7.3 | EPSS 0.00447

added 2017/11/20 3:0 p.m. | 113 views

CVE-2016-6804

Summary: CVE-2016-6804 affects the Windows installer for Apache OpenOffice (pre-4.1.3, including OpenOffice.org branding). The issue stems from a search-path defect where a malicious DLL file in the installation directory can be used to impersonate a dependent DLL, enabling arbitrary code executi...

CVSS 9.3 | AI score 7.8 | EPSS 0.00276

added 2017/11/20 8:0 p.m. | 110 views

CVE-2017-12608

CVE-2017-12608 affects the Apache OpenOffice/OpenOffice Writer DOC file parser (before 4.1.4), specifically in ImportOldFormatStyles. A crafted DOC document can trigger memory corruption leading to denial of service and may potentially allow arbitrary code execution. Exploitation status and exac...

CVSS 7.8 | AI score 7.8 | EPSS 0.01151

added 2010/11/16 11:0 p.m. | 109 views

CVE-2010-4008

CVE-2010-4008 affects libxml2 prior to 2.7.8 and is triggered by malformed XPath expressions, causing an application crash via invalid memory access. It is noted in advisories tied to libxml2 updates for platforms using the library (e.g., Chrome and Safari stacks). The connected records reference...

CVSS 4.3 | AI score 5.6 | EPSS 0.01435

added 2017/11/20 7:0 p.m. | 109 views

CVE-2017-12607

CVE-2017-12607 affects OpenOffice/OpenOffice.org and specifically the PPT file parser’s PPTStyleSheet. A crafted PPT document can trigger memory corruption and an application crash, with potential for arbitrary code execution. Vulnerable: OpenOffice prior to 4.1.4. Mitigation: upgrade to a fixed ...

CVSS 7.8 | AI score 7.8 | EPSS 0.00626

added 2023/03/24 3:56 p.m. | 108 views

CVE-2022-38745

CVE-2022-38745: The vulnerability described as “Empty entry in Java class path” is referenced across multiple advisories in connected documents, affecting LibreOffice packages (e.g., MiracleLinux, Red Hat, Oracle Linux, Alibaba Cloud Linux) and OpenOffice-related contexts. The common impact is po...

CVSS 7.8 | AI score 7.7 | EPSS 0.00129

added 2008/08/29 6:0 p.m. | 104 views

CVE-2008-3282

CVE-2008-3282: A numeric truncation error in the OpenOffice.org memory allocator (rtl_allocateMemory) used by OpenOffice.org on 64-bit platforms can cause a crash or potentially allow code execution when a crafted file is opened. Public advisories describe this in OpenOffice.org updates; success...

CVSS 9.3 | AI score 8.1 | EPSS 0.0304

added 2011/01/28 9:13 p.m. | 100 views

CVE-2010-3689

CVE-2010-3689 affects OpenOffice.org (OpenOffice.org/OpenOffice) within the 3.x line prior to 3.3. The issue arises when soffice sets LD_LIBRARY_PATH with a zero-length directory name, enabling a local attacker to place a Trojan horse shared library in the current working directory and elevate pr...

CVSS 6.9 | AI score 6.2 | EPSS 0.00051

added 2014/08/27 12:0 a.m. | 99 views

CVE-2014-3575

CVE-2014-3575 affects OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org, enabling remote attackers to embed arbitrary data into documents via crafted OLE objects. Connected advisories corroborate this OLE-generation flaw and its association with OpenOffice/LibreOffice su...

CVSS 4.3 | AI score 6.5 | EPSS 0.09871

added 2019/01/31 4:0 p.m. | 95 views

CVE-2018-11790

CVE-2018-11790 affects Apache OpenOffice 4.1.5 and earlier. The flaw is an arithmetic overflow in a string-length calculation when loading a document with an end-of-line termination smaller than the OS uses, triggered by handling virtual tables. Exploitation details are not explicitly provided in...

CVSS 7.8 | AI score 7.6 | EPSS 0.00546

added 2021/04/15 7:30 p.m. | 95 views

CVE-2021-30245

CVE-2021-30245 affects Apache OpenOffice up to version 4.1.9 (and 4.1.8); the issue arises from handling non-http(s) hyperlinks, where a specially crafted link could lead to untrusted code execution when a user opens a document. The root cause is related to hyperlink handling that accepts non-htt...

CVSS 8.8 | AI score 8.6 | EPSS 0.00402

added 2022/08/13 6:40 a.m. | 95 views

CVE-2022-37401

CVE-2022-37401 describes weak master-key encoding in OpenOffice/OpenOffice-derived LibreOffice implementations that protects web-connection passwords in the user configuration database. The root cause is poor encoding of the master key, dropping entropy from 128 bits to 43 bits, which enables bru...

CVSS 8.8 | AI score 8.5 | EPSS 0.00437

added 2021/09/23 8:10 a.m. | 91 views

CVE-2021-33035

CVE-2021-33035 describes a buffer overflow in Apache OpenOffice when reading DBF files: the size of certain DBF fields isn’t checked, causing overflow of allocated space and potential arbitrary code execution via stack manipulation. Affected products: Apache OpenOffice up to and including 4.1.10....

CVSS 7.8 | AI score 7.7 | EPSS 0.04607

added 2017/11/20 5:0 p.m. | 90 views

CVE-2017-9806

CVE-2017-9806 affects Apache OpenOffice Writer DOC parsing prior to 4.1.4, due to an issue in the WW8Fonts constructor that can be triggered by crafted DOC files. This memory-corruption vector leads to denial of service and potentially arbitrary code execution. Affected product: OpenOffice/OpenOf...

CVSS 7.8 | AI score 7.8 | EPSS 0.01822

added 2012/06/17 1:0 a.m. | 88 views

CVE-2012-0037

The CVE-2012-0037 issue affects Redland Raptor (libraptor) and is triggered when parsing RDF/XML with an XXE declaration. The vulnerability allows user-assisted remote attackers to read arbitrary files via crafted RDF documents, as observed in libraptor versions used by OpenOffice/LibreOffice lin...

CVSS 6.5 | AI score 6.2 | EPSS 0.00897

added 2010/02/16 7:0 p.m. | 86 views

CVE-2010-0136

CVE-2010-0136 affects OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 where VBA macro security settings are not properly enforced, enabling remote attackers to execute arbitrary macros via crafted documents. The issue stems from insufficient enforcement of VBA macro security in the ooo-build/OpenOff...

CVSS 9.3 | AI score 6.5 | EPSS 0.04919

added 2021/10/11 8:10 a.m. | 86 views

CVE-2021-41831

The connected documents confirm a vulnerability in LibreOffice's handling of digital signatures in ODF documents (CVE-2021-25634). An Improper Certificate Validation flaw allowed an attacker to modify a digitally signed ODF document to insert an extra signing time timestamp, which LibreOffice cou...

CVSS 5.3 | AI score 6.2 | EPSS 0.01435

added 2022/08/13 6:40 a.m. | 86 views

CVE-2022-37400

CVE-2022-37400 affects Apache OpenOffice and LibreOffice: a flaw where the initialization vector for encrypting stored web-connection passwords is always the same, weakening encryption if an attacker gains access to the user’s configuration data. The issue impacts Apache OpenOffice

CVSS 8.8 | AI score 8 | EPSS 0.0045

added 2007/09/18 9:0 p.m. | 85 views

CVE-2007-2834

The CVE describes a heap-based buffer overflow in the TIFF parser of OpenOffice.org (and StarOffice/StarSuite) caused by an integer overflow when processing TIFF files, enabling remote arbitrary code execution. The issue affects OpenOffice.org-based suites prior to version 2.3 and StarOffice/Star...

CVSS 9.3 | AI score 7.7 | EPSS 0.15199

added 2016/08/05 2:0 p.m. | 85 views

CVE-2016-1513

The CVE-2016-1513 issue affects Apache OpenOffice Impress (4.1.2 and earlier). It arises from improper handling of MetaActions in OpenDocument (.odp) and Presentation Template (.otp) files, causing an out-of-bounds read/write that can lead to denial of service or arbitrary code execution. The vul...

CVSS 7.8 | AI score 7.7 | EPSS 0.01117

added 2021/10/11 8:10 a.m. | 85 views

CVE-2021-41830

CVE-2021-41830 describes an imbalance in trust validation where an attacker can manipulate signed documents and macros to appear from a trusted source, affecting Apache OpenOffice up to 4.1.10. The initial advisory recommends updating to OpenOffice 4.1.11. Connected documents discuss related Libr...

CVSS 7.5 | AI score 7.1 | EPSS 0.00794

added 2023/03/24 3:57 p.m. | 81 views

CVE-2022-47502

Apache OpenOffice

CVSS 7.8 | AI score 7.9 | EPSS 0.00244

added 2021/10/11 8:10 a.m. | 80 views

CVE-2021-41832

CVE-2021-41832 concerns Apache OpenOffice data forgery via signature manipulation. The issue allows an attacker to cause a document to appear signed by a trusted source, affecting all OpenOffice versions up to 4.1.10. The advised remediation is to upgrade to OpenOffice 4.1.11. While several relat...

CVSS 7.5 | AI score 6.6 | EPSS 0.00794

added 2021/10/07 3:50 p.m. | 79 views

CVE-2021-40439

CVE-2021-40439 maps to Apache OpenOffice’s use of expat. The issue stems from the historic Billion Laughs XML entity expansion vulnerability (CVE-2013-0340) affecting expat in OpenOffice builds up to 4.1.10, with Expat patched in 4.1.11. The linked CNVD entry describes XML external entity injecti...

CVSS 6.5 | AI score 7.5 | EPSS 0.00292

added 2013/07/31 10:0 a.m. | 74 views

CVE-2013-4156

CVE-2013-4156 affects Apache OpenOffice.org prior to 4.0, where a crafted OOXML document element can trigger memory corruption, enabling remote denial of service (and possibly other impact). The provided connected docs reference LibreOffice/OpenOffice patches but do not specify a confirmed OpenOf...

CVSS 6.8 | AI score 7.2 | EPSS 0.01221

added 2013/07/31 10:0 a.m. | 72 views

CVE-2013-2189

Apache OpenOffice.org/OpenOffice (OOo) versions prior to 4.0 are affected by CVE-2013-2189. The vulnerability arises from processing PLCF data in DOC files, leading to memory corruption and a potential denial of service (and possibly unspecified impact). Remediation is to upgrade to OpenOffice 4....

CVSS 6.8 | AI score 7.4 | EPSS 0.01221

added 2020/11/17 3:17 p.m. | 72 views

CVE-2020-13958

Summary: CVE-2020-13958 affects Apache OpenOffice

CVSS 9.3 | AI score 7.3 | EPSS 0.01017

added 2017/11/13 2:0 p.m. | 68 views

CVE-2016-6803

CVE-2016-6803 concerns an unquoted Windows search path vulnerability in the Windows installer of Apache OpenOffice prior to 4.1.3. The issue enables a delayed trigger for privilege escalation, requiring a Trojan Horse or user activity with administrative privileges on the PC. The vulnerability is...

CVSS 9.3 | AI score 7.7 | EPSS 0.00118

Total number of security vulnerabilities: 60