[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78764

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 11326 Download | Alert*

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."

Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.

The host is installed with OpenOffice.org (OOo) before 3.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a WPD document that causes a negative array index to be used. Successful exploitation could allow attackers to execute arbitrary code.

The host is installed with OpenOffice 3.3 or LibreOffice before 3.4.6 or 3.5.x before 3.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to handle a crafted XML external entity (XXE) declaration and reference in an RDF document. Successful exploitation could allow attackers to disclose sensitive information.

The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service.

The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation could allow attackers to crash the service.

The host is installed with OpenOffice.org less than or equal to 3.4.0 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, duplicate tags, or a Base64 ChecksumAttribute whose length is not evenly di ...

The host is installed with OpenOffice.org 3.3.0 or prior or LibreOffice before 3.4.3 and is prone to denial of service vulnerability. A flaw is present in the applications, which fails to properly a handle crafted DOC file that can trigger an out-of-bounds read. Successful exploitation allows remote attackers to execute arbitrary code on the target system.

Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.

The host is installed with Apache OpenOffice.org before 4 and is prone to memory corruption vulnerability. The flaw is present in the application, which fails to properly handle invalid PLCF data in a DOC document file. Successful exploitation allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1132

© 2013 SecPod Technologies