Download
| Alert*
|
oval:org.secpod.oval:def:4753
OpenOffice.org is installed oval:org.secpod.oval:def:42588 The host is installed with Apache OpenOffice before 4.1.4 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:42587 The host is installed with Apache OpenOffice before 4.1.4 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:42586 The host is installed with Apache OpenOffice before 4.1.4 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:36741 The host is installed with Apache OpenOffice 4.1.2 or earlier and is prone to an out-of-bounds memory access vulnerability. A flaw is present in the application, which fails to handle crafted MetaActions in an (1) ODP or (2) OTP file. Successful exploitation could allow attackers to crash the servic ... oval:org.secpod.oval:def:600677 Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word file format importer of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft Office. oval:org.secpod.oval:def:601427 openoffice.org is installed oval:org.secpod.oval:def:26779 The host is installed with Apache OpenOffice.org before 4.1.1 and is prone to arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle crafted OLE objects. Successful exploitation might allow remote attackers to embed arbitrary data into document ... oval:org.secpod.oval:def:600911 High-Tech Bridge SA Security Research Lab discovered multiple null-pointer dereferences based vulnerabilities in OpenOffice which could cause application crash or even arbitrary code execution using specially crafted files. Affected file types are LWP , ODG, PPT and XLS . oval:org.secpod.oval:def:26780 The host is installed with Apache OpenOffice.org before 4.1.1 and is prone to arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a crafted Calc spreadsheet. Successful exploitation allows remote attackers to execute arbitrary commands and p ... oval:org.secpod.oval:def:600585 Will Dormann and Jared Allar discovered that the Lotus Word Pro import filter of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft Office, is not properly handling object ids in the ".lwp" file format. An attacker can exploit t ... oval:org.secpod.oval:def:14954 The host is installed with Apache OpenOffice.org before 4 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle invalid PLCF data in a DOC document file. Successful exploitation allows remote attackers to cause a denial of service (me ... oval:org.secpod.oval:def:14955 The host is installed with Apache OpenOffice.org before 4 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle a crafted element in an OOXML document file. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:42585 The host is installed with Apache OpenOffice before 4.1.4 and is prone to an arbitrary file disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:26859 The host is installed with LibreOffice before 4.3.7001, 4.4.x before 4.4.2002 or Apache OpenOffice before 4.1.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted HWP document. Successful exploitation could allow attackers to c ... oval:org.secpod.oval:def:31652 The host is installed with LibreOffice before 4.4.5001 or Apache OpenOffice before 4.1.2 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which use the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handl ... oval:org.secpod.oval:def:31653 The host is installed with LibreOffice before 4.4.5001 or Apache OpenOffice before 4.1.2 and is prone to an integer underflow vulnerability. A flaw is present in the applications, which fail to handle a crafted PrinterSetup data in an ODF document. Successful exploitation could allow attackers to ca ... oval:org.secpod.oval:def:31654 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a long DOC file, which triggers a buffer overflow. Successful exploitation could allow attackers to cau ... oval:org.secpod.oval:def:31655 The host is installed with LibreOffice before 4.4.6001, 5.x before 5.0.1002 or Apache OpenOffice before 4.1.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle an index to a non-existent bookmark in a DOC file. Successful exploitation coul ... oval:org.secpod.oval:def:600861 Timo Warns from PRE-CERT discovered multiple heap-based buffer overflows in OpenOffice.org, an office productivity suite. The issues lies in the XML manifest encryption tag parsing code. Using specially crafted files, an attacker can cause application crash and could cause arbitrary code execution. oval:org.secpod.oval:def:600809 Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution. oval:org.secpod.oval:def:600825 It was discovered that OpenOffice.org would not properly process crafted document files, possibly leading to arbitrary code execution. CVE-2012-1149 Integer overflows in PNG image handling CVE-2012-2334 Integer overflow in operator new[] invocation and heap-based buffer overflow inside the MS-ODRAW ... oval:org.secpod.oval:def:67208 The host is installed with Apache OpenOffice 4.x before 4.1.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle unrestricted actions in a crafted document. Successful exploitation could allow an attacker to construct documents cont ... oval:org.secpod.oval:def:7158 The host is installed with OpenOffice.org (OOo) before 3.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a WPD document that causes a negative array index to be used. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:7160 The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:7161 The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation co ... oval:org.secpod.oval:def:7162 The host is installed with OpenOffice.org less than or equal to 3.4 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within an ... oval:org.secpod.oval:def:71728 The host is installed with Apache OpenOffice before 4.1.10 and is prone to an untrusted code execution vulnerability. A flaw is present in the application, which fails to handle non-http(s) hyperlinks. Successful exploitation could allow attackers to cause untrusted code execution. oval:org.secpod.oval:def:75557 The host is installed with Apache OpenOffice 4.1.10 or earlier and is prone to an improper restriction of XML external entity reference vulnerability. A flaw is present in the application, which fails to handle issue in ODF files. Successful exploitation could allow attackers to cause denial of serv ... oval:org.secpod.oval:def:50578 The host is installed with Apache OpenOffice through 4.1.5 and is prone to an arithmetic overflow vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation could allow attackers to cause an arithmetic overflow. oval:org.secpod.oval:def:50612 The host is installed with LibreOffice 6.0 before 6.0.7, 6.1 before 6.1.3 or OpenOffice through 4.1.6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a directory traversal flaw. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:88741 The host is installed with Apache OpenOffice through 4.1.13 and is prone to an arbitrary java code execution vulnerability. A flaw is present in the application, which fails to properly handle an empty entry in the Java class path. Successful exploitation could allow attackers to run arbitrary Java ... oval:org.secpod.oval:def:88740 The host is installed with Apache OpenOffice through 4.1.13 and is prone to an arbitrary script execution vulnerability. A flaw is present in the application, which fails to properly handle the links that call internal macros with arbitrary arguments. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:7159 The host is installed with OpenOffice 3.3 or LibreOffice before 3.4.6 or 3.5.x before 3.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted XML external entity (XXE) declaration and reference in an RDF document. Successfu ... |
