Search CVE reports
11 – 13 of 13 results
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service...
2 affected packages
openoffice.org, openoffice.org-l10n
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openoffice.org | — | — | — | — |
| openoffice.org-l10n | — | — | — | — |
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.
2 affected packages
openoffice.org, openoffice.org-l10n
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openoffice.org | — | — | — | — |
| openoffice.org-l10n | — | — | — | — |
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
7 affected packages
neon, neon26, bazaar, neon24, openoffice.org...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| neon | — | — | — | — |
| neon26 | — | — | — | — |
| bazaar | — | — | — | — |
| neon24 | — | — | — | — |
| openoffice.org | — | — | — | — |
| openoffice.org-l10n | — | — | — | — |
| tla | — | — | — | — |