Apache Openoffice
34 CVEs affecting Apache Openoffice. Latest disclosed: 2017-11-20. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12608 | High | 7.8 | 2017-11-20 | A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious docume… |
CVE-2017-12607 | High | 7.8 | 2017-11-20 | A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denia… |
CVE-2017-9806 | High | 7.8 | 2017-11-20 | A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious docume… |
CVE-2016-6804 | High | 7.8 | 2017-11-20 | The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows exec… |
CVE-2016-6803 | High | 7.8 | 2017-11-13 | An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must ha… |
CVE-2016-1513 | High | 7.8 | 2016-08-05 | The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary… |
CVE-2012-0037 | Medium | 6.5 | 2012-06-17 | Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allow… |
CVE-2017-3157 | Medium | 5.5 | 2017-11-20 | By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's… |
CVE-2015-5214 | | 2015-11-10 | LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and ap… | |
CVE-2015-5213 | | 2015-11-10 | Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and app… | |
CVE-2015-5212 | | 2015-11-10 | Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is e… | |
CVE-2015-4551 | | 2015-11-10 | LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates… | |
CVE-2015-1774 | | 2015-04-28 | The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (cras… | |
CVE-2014-3575 | | 2014-08-27 | The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via c… | |
CVE-2014-3524 | | 2014-08-26 | Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. | |
CVE-2013-4156 | | 2013-07-31 | Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a… | |
CVE-2013-2189 | | 2013-07-31 | Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via i… | |
CVE-2012-2665 | | 2012-08-06 | Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attac… | |
CVE-2010-4643 | | 2011-01-28 | Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) o… | |
CVE-2010-4253 | | 2011-01-28 | Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) o… |