Openoffice : Security Vulnerabilities, CVEs, Published In 2005
OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings.
Max CVSS
4.6
EPSS Score
0.05%
Published
2005-12-31
Updated
2009-11-12
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.
Max CVSS
5.1
EPSS Score
3.94%
Published
2005-05-02
Updated
2017-10-11
2 vulnerabilities found