Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openoffice vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-4251
OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote malicious users to cause a denial of service.
Openoffice Openoffice 2.2
392
VMScore
CVE-2008-2366
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIG...
Openoffice Openoffice 1.1
187
VMScore
CVE-2004-0752
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.
Openoffice Openoffice 1.1.2
552
VMScore
CVE-2002-2210
The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file.
Openoffice Openoffice 1.0.1
828
VMScore
CVE-2006-5870
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and previous versions, and possibly other versions prior to 2.1.0; and StarOffice 6 through 8; allow user-assisted remote malicious users to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-ba...
Sun Staroffice 7.0
Sun Staroffice 8.0
Sun Staroffice 6.0
Openoffice Openoffice
NA
CVE-2022-37401
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weake...
Apache Openoffice
605
VMScore
CVE-2016-1513
The Impress tool in Apache OpenOffice 4.1.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
Apache Openoffice
445
VMScore
CVE-2021-41831
It is possible for an malicious user to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
Apache Openoffice
NA
CVE-2022-38745
Apache OpenOffice versions prior to 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
Apache Openoffice
605
VMScore
CVE-2021-30245
The project received a report that all versions of Apache OpenOffice up to and including 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution...
Apache Openoffice
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »