Latest apache openoffice Vulnerabilities

Apache OpenOffice: Macro URL arbitrary script execution
Apache OpenOffice<4.1.15
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
Apache OpenOffice<4.1.14
redhat/LibreOffice<7.2.6
redhat/LibreOffice<7.3.1
Apache OpenOffice: Macro URL arbitrary script execution
Apache OpenOffice<=4.1.13
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw i...
Apache OpenOffice<4.1.13
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw i...
Apache OpenOffice<4.1.13
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4...
Apache OpenOffice<4.1.11
It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021...
Apache OpenOffice<4.1.11
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to upda...
Apache OpenOffice<4.1.11
Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML fil...
Apache OpenOffice<=4.1.10
While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop inte...
Apache OpenOffice=4.1.8
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checke...
Apache OpenOffice<=4.1.10
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link...
Apache OpenOffice<=4.1.8
A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be...
Apache OpenOffice>=4.0.0<4.1.8
Apache OpenOffice: Loading internal / external resources without warning
Libreoffice Libreoffice
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Apache OpenOffice
debian/libreoffice<=1:6.1.5-3+deb10u7<=1:6.1.5-3+deb10u11<=1:7.0.4-4+deb11u7<=1:7.0.4-4+deb11u8<=4:7.4.7-1<=4:7.4.7-1+deb12u1<=4:24.2.0~rc2-2
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic O...
ubuntu/libreoffice<1:5.0.3~
ubuntu/libreoffice<1:4.2.8-0ubuntu5.5
Apache OpenOffice<=4.1.5
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
debian/libreoffice
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstra...
ubuntu/libreoffice<1:4.2.8-0ubuntu5.5
ubuntu/libreoffice<1:5.1.6~
Libreoffice Libreoffice=6.0.3
Apache OpenOffice=4.1.5
Debian Debian Linux=7.0
Debian Debian Linux=8.0
and 7 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203