Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openoffice
(Openoffice)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 17 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2006-06-30 | CVE-2006-2199 | Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. | Openoffice, Staroffice | N/A | ||
2006-06-30 | CVE-2006-2198 | OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. | Openoffice, Staroffice | N/A | ||
2005-12-31 | CVE-2005-4636 | OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings. | Openoffice | N/A | ||
2005-05-02 | CVE-2005-0941 | The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow. | Openoffice | N/A | ||
2004-10-20 | CVE-2004-0752 | OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | Openoffice | N/A | ||
2004-07-07 | CVE-2004-0398 | Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. | Cadaver_webdav_client, Neon_client_library, Openoffice, Subversion | N/A | ||
2002-12-31 | CVE-2002-2210 | The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. | Openoffice | N/A |