Vulnerabilities > Openoffice > Openoffice ORG > 1.1.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-02 | CVE-2009-0201 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Openoffice.Org Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing." | 9.3 |
2009-09-02 | CVE-2009-0200 | Numeric Errors vulnerability in Openoffice Openoffice.Org Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. | 9.3 |
2009-01-22 | CVE-2009-0259 | Resource Management Errors vulnerability in Openoffice Openoffice.Org The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841. | 9.3 |
2008-08-01 | CVE-2008-3437 | Code Injection vulnerability in Openoffice Openoffice.Org OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |