Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.6
CVSSv2

CVE-2006-2198

Published: 30/06/2006 Updated: 18/10/2018
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Subscribe to Openoffice

Vulnerability Summary

OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x prior to 2.0.3 allows user-assisted malicious users to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openoffice openoffice 1.1.1a

openoffice openoffice 1.1.1b

openoffice openoffice 2.0.0_rc2

openoffice openoffice 2.0.0_rc3

openoffice openoffice 2.0.3_rc4

openoffice openoffice 2.0.3_rc5

openoffice openoffice 1.1.4

openoffice openoffice 1.1.5

openoffice openoffice 2.0.2_rc2

openoffice openoffice 2.0.2_rc3

sun staroffice 8.0

openoffice openoffice 1.1.2

openoffice openoffice 1.1.3

openoffice openoffice 2.0.1

openoffice openoffice 2.0.2

openoffice openoffice 2.0.2_rc1

openoffice openoffice 2.0.3_rc6

sun staroffice 7.0

openoffice openoffice 1.1.0

openoffice openoffice 1.1.1

openoffice openoffice 2.0.0

openoffice openoffice 2.0.0_rc1

openoffice openoffice 2.0.2_rc4

openoffice openoffice 2.0.3_rc3

Vendor Advisories

Ubuntu Security Notice: openoffice.org2-amd64, openoffice.org2 vulnerabilities
USN-313-1 fixed several vulnerabilities in OpenOffice for Ubuntu 504 and Ubuntu 606 LTS This followup advisory provides the corresponding update for Ubuntu 510 ...
Ubuntu Security Notice: openoffice.org-amd64, openoffice.org vulnerabilities
It was possible to embed Basic macros in documents in a way that OpenOfficeorg would not ask for confirmation about executing them By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code (including local file access and modification) with the user’s privileges (CVE-2006-2198) ...

References

CWE-264http://www.openoffice.org/security/CVE-2006-2199.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1http://www.debian.org/security/2006/dsa-1104http://www.redhat.com/support/errata/RHSA-2006-0573.htmlhttp://www.novell.com/linux/security/advisories/2006_40_openoffice.htmlhttp://www.securityfocus.com/bid/18738http://securitytracker.com/id?1016414http://secunia.com/advisories/20867http://secunia.com/advisories/20893http://secunia.com/advisories/20911http://www.ubuntu.com/usn/usn-313-1http://secunia.com/advisories/20913http://secunia.com/advisories/20910http://secunia.com/advisories/20975http://secunia.com/advisories/20995http://www.ubuntu.com/usn/usn-313-2http://www.kb.cert.org/vuls/id/170113http://security.gentoo.org/glsa/glsa-200607-12.xmlhttp://secunia.com/advisories/21278https://issues.rpath.com/browse/RPL-475http://secunia.com/advisories/22129http://fedoranews.org/cms/node/2343http://secunia.com/advisories/23620http://www.mandriva.com/security/advisories?name=MDKSA-2006:118http://www.vupen.com/english/advisories/2006/2621http://www.vupen.com/english/advisories/2006/2607https://exchange.xforce.ibmcloud.com/vulnerabilities/27564https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082http://www.securityfocus.com/archive/1/447035/100/0/threadedhttps://nvd.nist.govhttps://usn.ubuntu.com/313-2/https://www.kb.cert.org/vuls/id/170113
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook