Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-01-28 | CVE-2010-3450 | Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3451 | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3452 | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2011-01-28 | CVE-2010-3689 | soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | Openoffice, Ubuntu_linux, Debian_linux | N/A | ||
| 2015-04-28 | CVE-2015-1774 | The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. | Openoffice, Ubuntu_linux, Debian_linux, Fedora, Libreoffice, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2015-11-10 | CVE-2015-4551 | LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. | Openoffice, Ubuntu_linux, Debian_linux, Libreoffice | N/A | ||
| 2015-11-10 | CVE-2015-5212 | Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document. | Openoffice, Ubuntu_linux, Debian_linux, Libreoffice | N/A | ||
| 2017-12-20 | CVE-2017-17784 | In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
| 2017-12-20 | CVE-2017-17785 | In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | Ubuntu_linux, Debian_linux, Gimp | 7.8 | ||
| 2017-12-20 | CVE-2017-17786 | In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. | Ubuntu_linux, Debian_linux, Gimp | 7.8 |