10 matches found
CVE-2007-2834
The CVE describes a heap-based buffer overflow in the TIFF parser of OpenOffice.org (and StarOffice/StarSuite) caused by an integer overflow when processing TIFF files, enabling remote arbitrary code execution. The issue affects OpenOffice.org-based suites prior to version 2.3 and StarOffice/Star...
CVE-2006-2198
CVE-2006-2198 affects OpenOffice.org/StarOffice from 1.1.x (up to 1.1.5) and 2.0.x before 2.0.3. A user‑supplied OpenOffice document containing a malicious BASIC macro can execute without prompting, enabling the macro to run with the current user’s privileges. This can lead to unauthorized activi...
CVE-2006-5201
CVE-2006-5201 affects Sun Solaris components (notably NSS, NSS-based libraries, Java JDK/JRE, JSSE, IPSec/IKE, and related Sun products). The root cause is when using an RSA key with exponent 3 that removes PKCS #1 padding prior to hash generation, enabling remote attackers to forge a PKCS #1 v1....
CVE-2006-5870
CVE-2006-5870 affects OpenOffice.org 2.0.4 and earlier and StarOffice 6–8, enabling user-assisted remote code execution via crafted WMF/EMF files that trigger heap-based overflows during META_ESCAPE and EMR_POLYPOLYGON processing. Connected advisories (e.g., RHSA-2007:0001) confirm a backported f...
CVE-2006-2199
OpenOffice.org Java sandbox escape (CVE-2006-2199) affects OpenOffice/StarOffice releases up to 2.0.x before 2.0.3 and 1.1.x up to 1.1.5. A user-invoked Java applet in a document could break sandbox restrictions and run arbitrary code with the caller’s privileges. Connected advisories show distri...
CVE-2006-3117
CVE-2006-3117 affects OpenOffice.org (StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3. A heap-based buffer overflow in parsing OpenOffice XML documents allows a user-assisted attacker to execute arbitrary code via crafted files, affecting multiple editors (Calc, Draw, Impress, Math, Writer)....
CVE-2000-0291
CVE-2000-0291 describes a buffer overflow in Star Office 5.1 triggered by embedding a long URL in a document, resulting in a denial of service. The NVD entry reports a base score of 4.6 (Medium) with local, low complexity access and partial impacts to confidentiality, integrity, and availability....
CVE-2000-0175
The CVE-2000-0175 entry describes a buffer overflow in the StarOffice StarScheduler web server that allows a remote attacker to gain root access by sending a crafted, long GET request. Affected component is the web server component of StarOffice's StarScheduler; the vulnerability is triggered by ...
CVE-2000-0174
The CVE-2000-0174 vulnerability affects the StarOffice StarScheduler web server, which allows remote attackers to read arbitrary files through a directory traversal (..). The public descriptions consistently state a file-read via .. (dot dot) path; no additional exploit or mitigation details are ...
CVE-2000-1156
CVE-2000-1156 affects StarOffice 5.2. StarOffice 5.2 follows symlinks and creates a world-readable /tmp/soffice.tmp directory, enabling a local user to read files belonging to the user running StarOffice. The provided sources describe the vulnerability condition but do not specify a vendor patch ...