Headline
CVE-2009-2950: Apache OpenOffice Security Team Bulletin
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
If you want to stay up to date on Apache OpenOffice security announcements, please subscribe to our security-alerts mailing list.
Fixed in Apache OpenOffice 4.1.11
- CVE-2021-28129: DEB packaging installed with a non-root userid and groupid
- CVE-2021-33035: Buffer overflow from a crafted DBF file
- CVE-2021-40439: “Billion Laughs” fixed in Expat >=2.4.0
- CVE-2021-41830: #1 Content Manipulation with Certificate Double Attack
- CVE-2021-41830: #2 Macro Manipulation with Certificate Double Attack
- CVE-2021-41831: #3 Timestamp Manipulation with Signature Wrapping
- CVE-2021-41832: #4 Content Manipulation with Certificate Validation Attack
Fixed in Apache OpenOffice 4.1.10
- CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks
Fixed in Apache OpenOffice 4.1.8
- CVE-2020-13958: Unrestricted actions leads to arbitrary code execution in crafted documents
Fixed in Apache OpenOffice 4.1.7
- CVE-2019-9853: Insufficient URL decoding flaw in categorizing macro location
Fixed in Apache OpenOffice 4.1.6
- CVE-2018-11790: Arithmetic overflow and wrap around during string length calculation
Fixed in Apache OpenOffice 4.1.5
- No security vulnerabilities fixed in this release
Fixed in Apache OpenOffice 4.1.4
- CVE-2017-3157: Arbitrary file disclosure in Calc and Writer
- CVE-2017-9806: Out-of-Bounds Write in Writer’s WW8Fonts Constructor
- CVE-2017-12607: Out-of-Bounds Write in Impress’ PPT Filter
- CVE-2017-12608: Out-of-Bounds Write in Writer’s ImportOldFormatStyles
Fixed in Apache OpenOffice 4.1.3
- CVE-2016-1513: Memory Corruption Vulnerability (Impress Presentations)
- CVE-2016-6803: Windows Installer Can Enable Privileged Trojan Execution
- CVE-2016-6804: Windows Installer Execution of Arbitrary Code with Elevated Privileges
Fixed in Apache OpenOffice 4.1.2
- CVE-2015-1774: Out-of-Bounds Write in HWP File Filter
- CVE-2015-4551: Targeted Data Disclosure
- CVE-2015-5212: ODF Printer Settings Vulnerability
- CVE-2015-5213: .DOC Document Vulnerability
- CVE-2015-5214: .DOC Bookmarks Vulnerability
Fixed in Apache OpenOffice 4.1.1
- CVE-2014-3575: Targeted Data Exposure Using Crafted OLE Objects in Apache OpenOffice
- CVE-2014-3524: Calc Command Injection Vulnerability in Apache OpenOffice
Fixed in Apache OpenOffice 4.0.0
- CVE-2013-2189: DOC Memory Corruption Vulnerability in Apache OpenOffice
- CVE-2013-4156: DOCM Memory Corruption Vulnerability in Apache OpenOffice
Fixed in Apache OpenOffice 3.4.1
- CVE-2012-2665: Manifest-processing errors in Apache OpenOffice 3.4.0
- CVE-2013-1571: Frame Injection Vulnerability in SDK JavaDoc
Fixed in Apache OpenOffice 3.4.0
- CVE-2012-1149: OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object
- CVE-2012-2149: OpenOffice.org memory overwrite vulnerability
- CVE-2012-2334: Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0
Patches for OpenOffice.org 3.3
- CVE-2012-0037: OpenOffice.org data leakage vulnerability
Fixed in OpenOffice.org 3.3
- CVE-2010-2935 / CVE-2010-2936: Security Vulnerability in OpenOffice.org related to PowerPoint document processing
- CVE-2010-3450: Security Vulnerability in OpenOffice.org related to Extensions and filter package files
- CVE-2010-3451 / CVE-2010-3452: Security Vulnerability in OpenOffice.org related to RTF document processing
- CVE-2010-3453 / CVE-2010-3454: Security Vulnerability in OpenOffice.org related to Word document processing
- CVE-2010-3689: Insecure LD_LIBRARY_PATH usage in OpenOffice.org shell scripts
- CVE-2010-3702 / CVE-2010-3704: Security Vulnerability in OpenOffice.org’s PDF Import extension resulting from 3rd party library XPDF
- CVE-2010-4008 / CVE-2010-4494: Possible Security Vulnerability in OpenOffice.org resulting from 3rd party library LIBXML2
- CVE-2010-4253: Security Vulnerability in OpenOffice.org related to PNG file processing
- CVE-2010-4643: Security Vulnerability in OpenOffice.org related to TGA file processing
Fixed in OpenOffice.org 3.2.1
- CVE-2009-3555: OpenOffice.org 2 and 3 may be affected by the TLS/SSL Renegotiation Issue in 3rd Party Libraries
- CVE-2010-0395: Security vulnerability in OpenOffice.org related to python scripting
Fixed in OpenOffice.org 3.2
- CVE-2006-4339: Potential vulnerability from 3rd party libxml2 libraries
- CVE-2009-0217: Potential vulnerability from 3rd party libxmlsec libraries
- CVE-2009-2493: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC Runtime
- CVE-2009-2949: Potential vulnerability related to XPM file processing
- CVE-2009-2950: Potential vulnerability related to GIF file processing
- CVE-2009-3301/2: Potential vulnerability related to MS-Word document processing
Fixed in OpenOffice.org 3.1.1
- CVE-2009-0200 / CVE-2009-0201: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution
- CVE-2009-2414 / CVE-2009-2416: Manipulated XML documents can lead to arbitrary code execution
Fixed in OpenOffice.org 3.1
- No security vulnerabilities fixed in this release
Fixed in OpenOffice.org 3.0.1
- No security vulnerabilities fixed in this release
Fixed in OpenOffice.org 3.0
- No security vulnerabilities fixed in this release
Fixed in OpenOffice.org 2.4.3
- CVE-2009-0200 / CVE-2009-0201: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution
- CVE-2009-2414 / CVE-2009-2416: Manipulated XML documents can lead to arbitrary code execution
Fixed in OpenOffice.org 2.4.2
- CVE-2008-2237: Manipulated WMF files can lead to heap overflows and arbitrary code execution
- CVE-2008-2238: Manipulated EMF files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.4.1
- CVE-2008-2152: Different kinds of manipulated files may lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.4
- CVE-2007-4770/4771: Manipulated ODF text documents containing XForms can lead to heap overflows and arbitrary code execution
- CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution
- CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution
- CVE-2008-0320: Manipulated OLE files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.3.1
- CVE-2007-4575: Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
Fixed in OpenOffice.org 2.3
- CVE-2007-2834: Manipulated TIFF files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.2.1
- CVE-2007-2754: Integer overflow and heap-based buffer overflow vulnerability in 3rd party module (freetype)
- CVE-2007-0245: Manipulated RTF files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.2
- CVE-2007-0239: URL Handling Security Vulnerability (Linux/Solaris)
- CVE-2007-0238: StarCalc Vulnerability
- CVE-2007-002: WordPerfect Import Vulnerability
Fixed in OpenOffice.org 2.1
- CVE-2006-5870: WMF/EMF Processing Failures
Fixed in OpenOffice.org 2.0.3
- CVE-2006-2199: Java Applets
- CVE-2006-2198: Macro
- CVE-2006-3117: File Format
Security Home -> Bulletin