Filtered by vendor Apache Subscriptions
Filtered by product Openoffice Subscriptions
Total 54 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0179 4 Apache, Debian, Redhat and 1 more 7 Openoffice, Subversion, Debian Linux and 4 more 2024-08-08 N/A
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
CVE-2007-2834 5 Apache, Canonical, Debian and 2 more 6 Openoffice, Ubuntu Linux, Debian Linux and 3 more 2024-08-07 N/A
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
CVE-2008-3282 3 Apache, Fedoraproject, Redhat 3 Openoffice, Fedora, Enterprise Linux 2024-08-07 7.8 High
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
CVE-2009-3301 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
CVE-2009-3302 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
CVE-2009-2950 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
CVE-2009-2949 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
CVE-2010-4643 2 Apache, Redhat 2 Openoffice, Enterprise Linux 2024-08-07 N/A
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document.
CVE-2010-4494 10 Apache, Apple, Debian and 7 more 18 Openoffice, Iphone Os, Itunes and 15 more 2024-08-07 N/A
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
CVE-2010-4253 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document.
CVE-2010-4008 9 Apache, Apple, Canonical and 6 more 16 Openoffice, Iphone Os, Itunes and 13 more 2024-08-07 N/A
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
CVE-2010-3689 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3452 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document.
CVE-2010-3453 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.
CVE-2010-3450 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.
CVE-2010-3454 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.
CVE-2010-3451 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2024-08-07 N/A
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document.
CVE-2010-0395 7 Apache, Canonical, Debian and 4 more 7 Openoffice, Ubuntu Linux, Debian Linux and 4 more 2024-08-07 N/A
OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.
CVE-2010-0136 3 Apache, Canonical, Debian 3 Openoffice, Ubuntu Linux, Debian Linux 2024-08-07 N/A
OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.
CVE-2011-2177 1 Apache 1 Openoffice 2024-08-06 7.8 High
OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools.