Vulnerabilities
Vulnerable Software
Apache:  >> Openoffice  >> 4.1.13  Security Vulnerabilities
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution. This is a corner case of CVE-2022-47502.
CVSS Score
8.8
EPSS Score
0.023
Published
2023-12-29
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-03-24
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-03-24
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
CVSS Score
6.8
EPSS Score
0.078
Published
2004-06-01


Contact Us

Shodan ® - All rights reserved