Lucene search

K
OpenofficeOpenoffice.org

7 matches found

CVE
CVE
added 2008/06/10 6:32 p.m.68 views

CVE-2008-2152

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.

9.3CVSS7.9AI score0.0304EPSS
CVE
CVE
added 2008/10/30 8:0 p.m.65 views

CVE-2008-2237

Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.

9.3CVSS7.8AI score0.11236EPSS
CVE
CVE
added 2008/04/17 7:5 p.m.59 views

CVE-2007-5746

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

6.8CVSS8AI score0.07722EPSS
CVE
CVE
added 2008/10/30 8:0 p.m.52 views

CVE-2008-2238

Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.

9.3CVSS7.8AI score0.11236EPSS
CVE
CVE
added 2008/04/17 7:5 p.m.50 views

CVE-2008-0320

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.

9.3CVSS8AI score0.82EPSS
CVE
CVE
added 2008/11/05 3:0 p.m.44 views

CVE-2008-4937

senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file.

2.6CVSS7.1AI score0.00042EPSS
CVE
CVE
added 2008/08/01 2:41 p.m.29 views

CVE-2008-3437

OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

7.5CVSS7.4AI score0.00779EPSS