Openoffice

Openoffice.Org

14 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2008-3437

  • EPSS 0.78%
  • Published 01.08.2008 14:41:00
  • Last modified 09.04.2025 00:30:58

OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

9.3

CVE-2008-2152

  • EPSS 3.04%
  • Published 10.06.2008 18:32:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.

6.8

CVE-2007-5746

  • EPSS 7.72%
  • Published 17.04.2008 19:05:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

9.3

CVE-2008-0320

  • EPSS 82%
  • Published 17.04.2008 19:05:00
  • Last modified 09.04.2025 00:30:58

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.