Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openoffice
(Apache)| Repositories | https://github.com/dajobe/raptor |
| #Vulnerabilities | 53 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-01-28 | CVE-2010-3454 | Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3450 | Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3451 | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3452 | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3689 | soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2013-07-31 | CVE-2013-2189 | Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file. | Openoffice | N/A | ||
| 2013-07-31 | CVE-2013-4156 | Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file. | Openoffice | N/A | ||
| 2014-08-26 | CVE-2014-3524 | Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. | Openoffice, Libreoffice | N/A | ||
| 2014-08-27 | CVE-2014-3575 | The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects. | Openoffice, Libreoffice, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2015-04-28 | CVE-2015-1774 | The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. | Openoffice, Ubuntu_linux, Debian_linux, Fedora, Libreoffice, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A |