Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openoffice vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2009-3570
Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack aut...
Openoffice Openoffice.org
6.8
CVSSv2
CVE-2013-2189
Apache OpenOffice.org (OOo) prior to 4.0 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
Apache Openoffice
9.3
CVSSv2
CVE-2010-4643
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x prior to 3.3 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office documen...
Apache Openoffice
6.8
CVSSv2
CVE-2021-33035
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document co...
Apache Openoffice
1 Article
5
CVSSv2
CVE-2021-41830
It is possible for an malicious user to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory.
Apache Openoffice
5
CVSSv2
CVE-2021-41831
It is possible for an malicious user to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
Apache Openoffice
5
CVSSv2
CVE-2021-41832
It is possible for an malicious user to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory.
Apache Openoffice
9.3
CVSSv2
CVE-2020-13958
A vulnerability in Apache OpenOffice scripting events allows an malicious user to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be ...
Apache Openoffice
1 Github repository
NA
CVE-2022-38745
Apache OpenOffice versions prior to 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
Apache Openoffice
NA
CVE-2022-37401
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weake...
Apache Openoffice
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »