Openoffice Security Vulnerabilities and Issues — Openoffice CVE List

Lucene search

ApacheOpenoffice

10 matches found

CVE•added 2015/04/28 2:59 p.m.•180 views

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.

6.8CVSS7.7AI score0.27958EPSS

CVE•added 2015/11/10 5:59 p.m.•118 views

CVE-2015-5212

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code vi...

6.8CVSS8.1AI score0.44545EPSS

CVE•added 2015/11/10 5:59 p.m.•100 views

CVE-2015-5214

LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.

6.8CVSS7.8AI score0.29516EPSS

CVE•added 2019/12/20 2:15 p.m.•95 views

CVE-2012-5639

LibreOffice and OpenOffice automatically open embedded content

6.5CVSS7.3AI score0.00607EPSS

CVE•added 2015/11/10 5:59 p.m.•95 views

CVE-2015-5213

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

6.8CVSS8.3AI score0.07579EPSS

CVE•added 2011/01/28 10:0 p.m.•84 views

CVE-2010-3689

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9CVSS6.2AI score0.00056EPSS

CVE•added 2012/06/17 3:41 a.m.•69 views

CVE-2012-0037

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF documen...

6.5CVSS6.2AI score0.00534EPSS

CVE•added 2013/07/31 1:20 p.m.•61 views

CVE-2013-4156

Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.

6.8CVSS7.2AI score0.01221EPSS

CVE•added 2021/10/07 4:15 p.m.•61 views

CVE-2021-40439

Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are sub...

6.5CVSS7.5AI score0.00456EPSS

CVE•added 2013/07/31 1:20 p.m.•60 views

CVE-2013-2189

Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.

6.8CVSS7.4AI score0.01221EPSS