Vulnerabilities > Libreoffice
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-08-26 | CVE-2014-3524 | Command Injection vulnerability in multiple products Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. | 9.3 |
| 2012-11-19 | CVE-2012-4233 | NULL Pointer Dereference Denial of Service vulnerability in LibreOffice and OpenOffice LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll. | 4.3 |
| 2012-06-17 | CVE-2012-0037 | XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. | 6.5 |
| 2011-10-21 | CVE-2011-2713 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser. | 4.3 |
| 2011-07-21 | CVE-2011-2685 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libreoffice Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file. | 9.3 |