Feng Office version 2.0 Beta 3 suffers from cross site scripting and privilege escalation vulnerabilities.
c7f9176fbec9a9bd75131316e5716c7fac417c119bd0f14371400af5c4cdfa99Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4b0428dc306c48a1dce3d0d242c022d32ecb1999aeef39be84f18c9203785e16Secunia Security Advisory - Ubuntu has issued an update for libreoffice. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
9e1a0dd01efd47003de801f3478e4ada7ea28703bbf95422503c9a3529cb8cf0Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system.
e049e0b801540514dc4f36105c6d528a821ec2b23a16e48e0fdaf8849f69011aUbuntu Security Notice 1537-1 - It was discovered that OpenOffice.org incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause OpenOffice.org to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
732af7ab4447e86da664cb28cd27c2933227231e898ccd4393d48db0e3186698Ubuntu Security Notice 1536-1 - It was discovered that LibreOffice incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
4d043603529ee5cc103e3b5aee7adbaaa490fe5f2e360031f1ed03e54b0f33caGroup-Office version 4.0.71 stores credentials in the clear in cookies.
63d144d75532557bd4e2c7319685e0f502852e50757da183cc38c9429081c7c9Secunia Security Advisory - Ubuntu has issued an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
f457133663067f176a740320aeaeabc1db606d0b70ccb940ae0795b005017da5LibreOffice versions prior to 3.5.5 and Apache OpenOffice versions 3.4.0 and below suffer from a code execution vulnerability.
3885049d1011ea25a22ee7462ec84341203997a45057579787881898c872ee6bUbuntu Security Notice 1526-1 - It was discovered that KOffice incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
43e88c37453c69867d815481a625315c78eea69767bddb4042378d1de7526dc2Secunia Security Advisory - Accuvant Labs has reported a vulnerability in KOffice, which can be exploited by malicious people to compromise a user's system.
ac14bbaedc29c2f936ec38bc639b32637749fa45449b932c1eaaf1935a45b3f7Mandriva Linux Security Advisory 2012-124 - Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of openoffice.org. An attacker could create a specially-crafted file in the Open Document Format for Office Applications format which when opened could cause arbitrary code execution. The updated packages have been patched to correct this issue.
edc8b7b8881c532d8f8356f8d5b99ea70350faa5a1cf0f3b1fa7e7452ab11967Mandriva Linux Security Advisory 2012-123 - Multiple heap-based buffer overflow flaws were found in the XML manifest encryption tag parsing code of LibreOffice. An attacker could create a specially-crafted file in the Open Document Format for Office Applications format which when opened could cause arbitrary code execution. libreoffice for Mandriva Linux 2011 has been upgraded to the 3.5.5 version which is not vulnerable to this issue.
74e32dd9f3fd8c69c0ed7ea725fef06274f6e407d2787625ef8145944f3c6ec2Secunia Security Advisory - Debian has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
3e23076ea797a8d6aafedb22dbc607794c8f7cacc01260c9477e0fdaef685928Debian Linux Security Advisory 2520-1 - Timo Warns from PRE-CERT discovered multiple heap-based buffer overflows in OpenOffice.org, an office productivity suite. The issues lies in the XML manifest encryption tag parsing code. Using specially crafted files, an attacker can cause application crash and could cause arbitrary code execution.
01058fb3e73899f5614de4378a1f281d11b663b075a75d78a87026487124e896Secunia Security Advisory - Multiple vulnerabilities have been reported in LibreOffice, which can be exploited by malicious people to compromise a user's system.
05449c7d71b7d1249fe4762e8186366b29cca874f4593324104ca36d0d6aa7e0Secunia Security Advisory - Red Hat has issued an update for libreoffice. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4ae12fd82c626ad683dc527ebb00234f648b6a4853164637ffdbddf50a666db2Secunia Security Advisory - Red Hat has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
50db47b73dcfa5c7b79741571daae38bb67a7e808b3ce1c9e9ddc2dce8d320c4Red Hat Security Advisory 2012-1136-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way OpenOffice.org processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in an OpenOffice.org application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
b59bd2e586688730a92ac126349c089bef1303f0b4131b5918f5c095da0db017Red Hat Security Advisory 2012-1135-01 - LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way LibreOffice processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in a LibreOffice application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
ef5af1d4129c97a023a0cc2e74caaa7ad86b3ab37d19926858984185cae82c3cThis Metasploit module exploits a vulnerability found in SharePoint Server 2007 SP2. The software contains a directory traversal, that allows a remote attacker to write arbitrary files to the filesystem, sending a specially crafted SOAP ConvertFile request to the Office Document Conversions Launcher Service, which results in code execution under the context of 'SYSTEM'. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of SharePoint on Windows 2003 Servers. It has been successfully tested on Office SharePoint Server 2007 SP2 over Windows 2003 SP2.
7ad8e7d26bc7d8213c68e74fdb77fb2a0f223d16965a4e6425e8d2f9797435cdSecunia Security Advisory - A vulnerability has been reported in Microsoft Visual Basic for Applications and Microsoft Office, which can be exploited by malicious people to compromise a user's system.
f66a12bc7c479b8166468fd3ca01fcfd7cd2b635a26e9279aefdd7e5bf77efe7Secunia Security Advisory - A security issue has been reported in Microsoft Office for Mac, which can be exploited by malicious, local users to gain escalated privileges.
348c5d49308891533f2cbd131c08618ec5a0353c7138aa8a433130564762be98Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
3583b7f00603e29fbe89ecdd9aff42d5208018b0fe7097e5d4f954f0e5d78bd5Secunia Security Advisory - Ubuntu has issued an update for libreoffice. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
7a1144aa1710d85e1bb6c7b8fd7742eb0e6dca9894a3de675490af116ab9207eUbuntu Security Notice 1495-1 - Integer overflows were discovered in the graphics loading code of several different image types. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Sven Jacobi discovered an integer overflow when processing Escher graphics records. If a user were tricked into opening a specially crafted PowerPoint file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
617a6c43b47fc945fe320c3985b9aff5125c701754e92f77d4b51afa4f2dda8a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed