Gentoo Linux Security Advisory 201408-19 - Multiple vulnerabilities have been found in OpenOffice and LibreOffice, the worst of which may result in execution of arbitrary code.
25cba7cb86e5c00a8edba21108a03562ceee1d3bf37cd0e99baa6eabd8e19dc3Gentoo Linux Security Advisory 201209-5 - Multiple vulnerabilities have been found in LibreOffice, allowing remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 3.5.5.3 are affected.
0c0c89386d8cd136d3fe20439efaf87b5728dd22a2e911959574abcd93409365When OpenOffice reads an ODF document, it first loads and processes an XML stream within the file called the manifest. Apache OpenOffice 3.4.0 has logic errors that allows a carefully crafted manifest to cause reads and writes beyond allocated buffers.
493c97b0d9779ff425aec7f71289318f69ad4df12dd5f0dbdc14075fa27d8e32Ubuntu Security Notice 1537-1 - It was discovered that OpenOffice.org incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause OpenOffice.org to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
732af7ab4447e86da664cb28cd27c2933227231e898ccd4393d48db0e3186698Ubuntu Security Notice 1536-1 - It was discovered that LibreOffice incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
4d043603529ee5cc103e3b5aee7adbaaa490fe5f2e360031f1ed03e54b0f33caLibreOffice versions prior to 3.5.5 and Apache OpenOffice versions 3.4.0 and below suffer from a code execution vulnerability.
3885049d1011ea25a22ee7462ec84341203997a45057579787881898c872ee6bMandriva Linux Security Advisory 2012-124 - Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of openoffice.org. An attacker could create a specially-crafted file in the Open Document Format for Office Applications format which when opened could cause arbitrary code execution. The updated packages have been patched to correct this issue.
edc8b7b8881c532d8f8356f8d5b99ea70350faa5a1cf0f3b1fa7e7452ab11967Mandriva Linux Security Advisory 2012-123 - Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of LibreOffice. An attacker could create a specially-crafted file in the Open Document Format for Office Applications format which when opened could cause arbitrary code execution. libreoffice for Mandriva Linux 2011 has been upgraded to the 3.5.5 version which is not vulnerable to this issue.
74e32dd9f3fd8c69c0ed7ea725fef06274f6e407d2787625ef8145944f3c6ec2Debian Linux Security Advisory 2520-1 - Timo Warns from PRE-CERT discovered multiple heap-based buffer overflows in OpenOffice.org, an office productivity suite. The issues lies in the XML manifest encryption tag parsing code. Using specially crafted files, an attacker can cause application crash and could cause arbitrary code execution.
01058fb3e73899f5614de4378a1f281d11b663b075a75d78a87026487124e896Red Hat Security Advisory 2012-1136-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way OpenOffice.org processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in an OpenOffice.org application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
b59bd2e586688730a92ac126349c089bef1303f0b4131b5918f5c095da0db017Red Hat Security Advisory 2012-1135-01 - LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way LibreOffice processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in a LibreOffice application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
ef5af1d4129c97a023a0cc2e74caaa7ad86b3ab37d19926858984185cae82c3c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed