Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openoffice openoffice vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-1513
The Impress tool in Apache OpenOffice 4.1.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
Apache Openoffice
7.8
CVSSv3
CVE-2022-47502
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In ...
Apache Openoffice
NA
CVE-2009-3570
Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack aut...
Openoffice Openoffice.org
5.3
CVSSv3
CVE-2021-41831
It is possible for an malicious user to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
Apache Openoffice
7.8
CVSSv3
CVE-2020-13958
A vulnerability in Apache OpenOffice scripting events allows an malicious user to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be ...
Apache Openoffice
1 Github repository
NA
CVE-2013-4156
Apache OpenOffice.org (OOo) prior to 4.0 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
Apache Openoffice
7.8
CVSSv3
CVE-2017-9806
A vulnerability in the OpenOffice Writer DOC file parser prior to 4.1.4, and specifically in the WW8Fonts Constructor, allows malicious users to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary cod...
Apache Openoffice
8.8
CVSSv3
CVE-2023-47804
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In ...
Apache Openoffice
6.5
CVSSv3
CVE-2021-40439
Apache OpenOffice has a dependency on expat software. Versions before 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache Open...
Apache Openoffice
NA
CVE-2013-2189
Apache OpenOffice.org (OOo) prior to 4.0 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
Apache Openoffice
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »