Vulnerabilities > Apache > Openoffice
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-08-26 | CVE-2014-3524 | Command Injection vulnerability in multiple products Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. | 9.3 |
2013-07-31 | CVE-2013-4156 | Out-of-bounds Write vulnerability in Apache Openoffice Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file. | 6.8 |
2013-07-31 | CVE-2013-2189 | Out-of-bounds Write vulnerability in Apache Openoffice Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file. | 6.8 |
2012-06-17 | CVE-2012-0037 | XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. | 6.5 |
2011-01-28 | CVE-2010-3689 | Path Traversal vulnerability in multiple products soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | 6.9 |
2011-01-28 | CVE-2010-3454 | Off-by-one Error vulnerability in multiple products Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. | 9.3 |
2011-01-28 | CVE-2010-3452 | Use After Free vulnerability in multiple products Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. | 9.3 |
2011-01-28 | CVE-2010-3451 | Use After Free vulnerability in multiple products Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. | 9.3 |
2011-01-28 | CVE-2010-3450 | Path Traversal vulnerability in multiple products Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. | 9.3 |
2010-12-07 | CVE-2010-4494 | Double Free vulnerability in Google Chrome Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | 7.5 |