Vulnerabilities > Openoffice > Openoffice ORG > 1.1.5

DATE CVE VULNERABILITY TITLE RISK
2009-09-02 CVE-2009-0201 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Openoffice.Org
Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing."
network
openoffice CWE-119
critical
9.3
2009-09-02 CVE-2009-0200 Numeric Errors vulnerability in Openoffice Openoffice.Org
Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.
network
openoffice CWE-189
critical
9.3
2009-01-22 CVE-2009-0259 Resource Management Errors vulnerability in Openoffice Openoffice.Org
The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.
network
openoffice CWE-399
critical
9.3
2008-08-01 CVE-2008-3437 Code Injection vulnerability in Openoffice Openoffice.Org
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
network
low complexity
openoffice CWE-94
7.5