Openoffice » Openoffice : Security Vulnerabilities, CVEs, (Overflow)
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records.
Max CVSS
6.8
EPSS Score
7.09%
Published
2008-04-17
Updated
2017-09-29
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.
Max CVSS
9.3
EPSS Score
61.85%
Published
2007-06-12
Updated
2018-10-16
Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note.
Max CVSS
9.3
EPSS Score
55.03%
Published
2007-03-21
Updated
2018-10-16
Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted DOC file, as demonstrated by the 12122006-djtest.doc file, a variant of CVE-2006-6561 in a separate codebase.
Max CVSS
4.3
EPSS Score
3.90%
Published
2006-12-18
Updated
2018-10-17
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
Max CVSS
7.6
EPSS Score
1.06%
Published
2006-06-30
Updated
2018-10-18
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.
Max CVSS
5.1
EPSS Score
3.94%
Published
2005-05-02
Updated
2017-10-11
6 vulnerabilities found