Staroffice
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0174 | 0.03 | — | 0.06 | Mar 9, 2000 | StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||
| CVE-2007-2834 | 0.01 | — | 0.11 | Sep 18, 2007 | Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an… | |||
| CVE-2006-5870 | 0.01 | — | 0.08 | Dec 31, 2006 | Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer… | |||
| CVE-2006-5201 | 0.00 | — | 0.03 | Oct 10, 2006 | Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an… | |||
| CVE-2006-3117 | 0.00 | — | 0.04 | Jun 30, 2006 | Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5)… | |||
| CVE-2006-2198 | 0.00 | — | 0.03 | Jun 30, 2006 | OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. | |||
| CVE-2006-2199 | 0.00 | — | 0.03 | Jun 30, 2006 | Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. | |||
| CVE-2000-1156 | 0.00 | — | 0.00 | Jan 9, 2001 | StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice. | |||
| CVE-2000-0291 | 0.00 | — | 0.00 | Apr 16, 2000 | Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. | |||
| CVE-2000-0175 | 0.00 | — | 0.02 | Mar 9, 2000 | Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
- CVE-2000-0174Mar 9, 2000risk 0.03cvss —epss 0.06
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
- CVE-2007-2834Sep 18, 2007risk 0.01cvss —epss 0.11
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an…
- CVE-2006-5870Dec 31, 2006risk 0.01cvss —epss 0.08
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer…
- CVE-2006-5201Oct 10, 2006risk 0.00cvss —epss 0.03
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an…
- CVE-2006-3117Jun 30, 2006risk 0.00cvss —epss 0.04
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5)…
- CVE-2006-2198Jun 30, 2006risk 0.00cvss —epss 0.03
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
- CVE-2006-2199Jun 30, 2006risk 0.00cvss —epss 0.03
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
- CVE-2000-1156Jan 9, 2001risk 0.00cvss —epss 0.00
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
- CVE-2000-0291Apr 16, 2000risk 0.00cvss —epss 0.00
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.
- CVE-2000-0175Mar 9, 2000risk 0.00cvss —epss 0.02
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.