Vulnerabilities > Openoffice
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-16 | CVE-2008-2366 | Configuration vulnerability in Openoffice 1.1 Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in the RPATH library path. | 4.4 |
| 2008-06-10 | CVE-2008-2152 | Numeric Errors vulnerability in Openoffice Openoffice.Org Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. | 9.3 |
| 2008-04-17 | CVE-2008-0320 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Openoffice.Org Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream. | 9.3 |
| 2008-04-17 | CVE-2007-5746 | Numeric Errors vulnerability in Openoffice Openoffice.Org Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow. | 6.8 |
| 2008-04-17 | CVE-2007-5745 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records. | 6.8 |
| 2007-12-06 | CVE-2007-4575 | Code Injection vulnerability in Openoffice HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods." | 9.3 |
| 2007-08-08 | CVE-2007-4251 | Denial-Of-Service vulnerability in Openoffice 2.2 OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service. network openoffice | 4.3 |
| 2007-06-12 | CVE-2007-0245 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. | 9.3 |
| 2007-03-21 | CVE-2007-0239 | Remote Shell Command Execution vulnerability in OpenOffice Meta Character OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. | 9.3 |
| 2007-03-21 | CVE-2007-0238 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note. | 9.3 |