High

DATE	CVE	VULNERABILITY TITLE	RISK
2008-08-01	CVE-2008-3437	Code Injection vulnerability in Openoffice Openoffice.Org OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. network low complexity openoffice CWE-94	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.