VYPR

Vendor CVEs

Openoffice

All CVEs

59 total · sorted by risk
  • CVE-2007-0239Mar 21, 2007
    risk 0.00cvss epss 0.03

    OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.

  • CVE-2006-2198Jun 30, 2006
    risk 0.00cvss epss 0.03

    OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.

  • CVE-2006-2199Jun 30, 2006
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.

  • CVE-2006-3117Jun 30, 2006
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5)…

  • CVE-2005-4636Dec 31, 2005
    risk 0.00cvss epss 0.00

    OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings.

  • CVE-2005-4784Dec 31, 2005
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack that exploits a race condition between opendir and pathcon calls and changes the…

  • CVE-2005-0941May 2, 2005
    risk 0.00cvss epss 0.04

    The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC…

  • CVE-2004-0752Oct 20, 2004
    risk 0.00cvss epss 0.01

    OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.

  • CVE-2002-2210Dec 31, 2002
    risk 0.00cvss epss 0.00

    The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file.

Page 2 of 2