Apache : Security Vulnerabilities, CVEs, Published In 2015 (Memory corruption) CVSS score >= 2
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
Max CVSS
6.8
EPSS Score
1.87%
Published
2015-11-10
Updated
2017-07-01
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
Max CVSS
6.8
EPSS Score
1.18%
Published
2015-11-10
Updated
2017-07-01
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
Max CVSS
6.8
EPSS Score
9.55%
Published
2015-11-10
Updated
2022-02-07
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
Max CVSS
6.8
EPSS Score
1.68%
Published
2015-04-28
Updated
2022-02-07
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.
Max CVSS
5.0
EPSS Score
1.73%
Published
2015-07-20
Updated
2021-06-06
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
Max CVSS
5.0
EPSS Score
4.06%
Published
2015-03-24
Updated
2023-02-05
6 vulnerabilities found