Apache: >> Openoffice >> 4.1.0 Security Vulnerabilities
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.
CVSS Score
4.3
EPSS Score
0.087
Published
2015-11-10
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
CVSS Score
6.8
EPSS Score
0.127
Published
2015-04-28
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
CVSS Score
4.3
EPSS Score
0.016
Published
2014-08-27
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
CVSS Score
9.3
EPSS Score
0.118
Published
2014-08-26
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
CVSS Score
6.8
EPSS Score
0.081
Published
2004-06-01
Page 4