Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache openoffice vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-37401
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weake...
Apache Openoffice
6.8
CVSSv2
CVE-2016-1513
The Impress tool in Apache OpenOffice 4.1.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
Apache Openoffice
5
CVSSv2
CVE-2021-41831
It is possible for an malicious user to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
Apache Openoffice
NA
CVE-2022-38745
Apache OpenOffice versions prior to 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
Apache Openoffice
6.8
CVSSv2
CVE-2021-30245
The project received a report that all versions of Apache OpenOffice up to and including 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution...
Apache Openoffice
6.8
CVSSv2
CVE-2013-2189
Apache OpenOffice.org (OOo) prior to 4.0 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
Apache Openoffice
NA
CVE-2022-47502
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In ...
Apache Openoffice
6.8
CVSSv2
CVE-2021-33035
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document co...
Apache Openoffice
1 Article
9.3
CVSSv2
CVE-2016-6804
The Apache OpenOffice installer (versions before 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been pr...
Apache Openoffice
6.8
CVSSv2
CVE-2013-4156
Apache OpenOffice.org (OOo) prior to 4.0 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
Apache Openoffice
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »