Refine your search
26 vulnerabilities found for Apache OpenOffice by Apache Software Foundation
CVE-2025-64407 (GCVE-0-2025-64407)
Vulnerability from cvelistv5
Published
2025-11-12 09:12
Modified
2025-11-13 16:32
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links
to be loaded without prompt. Such links could also be used to transmit system information, such as environment variables or configuration settings.
In the affected versions of Apache OpenOffice, documents that used a certain URI scheme linking to external files would
load the contents of such files without prompting the user for
permission to do so. Such URI scheme allows to include system configuration data, that is not supposed to be transmitted externally.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
The LibreOffice suite reported this issue as CVE-2024-12426.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:31:52.530807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:32:12.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thomas Rinsma of Codean Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. Such links could also be used to transmit system information, such as environment variables or configuration settings.\u003c/p\u003e\u003cp\u003eIn the affected versions of Apache OpenOffice, documents that used a certain URI scheme linking to external files would \nload the contents of such files without prompting the user for \npermission to do so. Such URI scheme allows to include system configuration data, that is not supposed to be transmitted externally.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe LibreOffice suite reported this issue as\u0026nbsp;CVE-2024-12426.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. Such links could also be used to transmit system information, such as environment variables or configuration settings.\n\nIn the affected versions of Apache OpenOffice, documents that used a certain URI scheme linking to external files would \nload the contents of such files without prompting the user for \npermission to do so. Such URI scheme allows to include system configuration data, that is not supposed to be transmitted externally.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\n\n\n\n\n\nThe LibreOffice suite reported this issue as\u00a0CVE-2024-12426."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:12:48.714Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64407.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/4yg1gv71f14fw4ky4ds50o6xjq49594g"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OpenOffice: URL fetching can be used to exfiltrate arbitrary INI file values and environment variables",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64407",
"datePublished": "2025-11-12T09:12:48.714Z",
"dateReserved": "2025-11-02T10:18:16.326Z",
"dateUpdated": "2025-11-13T16:32:12.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64406 (GCVE-0-2025-64406)
Vulnerability from cvelistv5
Published
2025-11-12 09:11
Modified
2025-11-12 17:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-12T10:06:09.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/11/9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T16:41:46.913554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T17:09:01.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Damjan Jovanovic for discovering, reporting and fixing the issue"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:11:47.133Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64406.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/py89gpogxfb2yo9c5vwv2h9x3m85pfmm"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OpenOffice: Possible memory corruption during CSV import",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64406",
"datePublished": "2025-11-12T09:11:47.133Z",
"dateReserved": "2025-11-02T10:05:15.686Z",
"dateUpdated": "2025-11-12T17:09:01.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64405 (GCVE-0-2025-64405)
Vulnerability from cvelistv5
Published
2025-11-12 09:10
Modified
2025-11-13 16:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links
to be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to external files would
load the contents of those files without prompting the user for
permission to do so.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-12T10:06:08.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/11/8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:40:34.344465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:40:51.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Louis Bettels, Technische Universit\u00e4t Braunschweig"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to external files would \nload the contents of those files without prompting the user for \npermission to do so.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to external files would \nload the contents of those files without prompting the user for \npermission to do so.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:10:35.778Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64405.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/0jjftxkcc4l9kt7jjn630hfrh2ygfcbk"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OpenOffice: Remote documents loaded without prompt via DDE function",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64405",
"datePublished": "2025-11-12T09:10:35.778Z",
"dateReserved": "2025-11-02T09:56:16.204Z",
"dateUpdated": "2025-11-13T16:40:51.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64404 (GCVE-0-2025-64404)
Vulnerability from cvelistv5
Published
2025-11-12 09:08
Modified
2025-11-13 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Apache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links
to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used background fill images, or bullet images, linked to external files would
load the contents of those files without prompting the user for
permission to do so.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-12T10:06:06.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/11/7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:41:26.881531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:41:33.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reginaldo Silva of ubercomp.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used background fill images, or bullet images, linked to external files would \nload the contents of those files without prompting the user for \npermission to do so.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used background fill images, or bullet images, linked to external files would \nload the contents of those files without prompting the user for \npermission to do so.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:08:34.261Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64404.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/08n4mdx0pnhqsllnkc63d27sdgq3tygc"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OpenOffice: Remote documents loaded without prompt via background and bullet images",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64404",
"datePublished": "2025-11-12T09:08:34.261Z",
"dateReserved": "2025-11-02T09:49:27.879Z",
"dateUpdated": "2025-11-13T16:41:33.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64403 (GCVE-0-2025-64403)
Vulnerability from cvelistv5
Published
2025-11-12 09:04
Modified
2025-11-12 14:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links
to be loaded without prompt.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-12T09:06:12.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/11/6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64403",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:46:24.702344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T14:47:26.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reginaldo Silva of ubercomp.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice Calc spreadsheet can contain links to other files, in the form of \"external data sources\". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links \nto be loaded without prompt.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of \"external data sources\". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links \nto be loaded without prompt.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:04:50.392Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64403.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/t7c6jhvdb00xtgd9vvn7h5sq9f4h5trt"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OpenOffice: Remote documents loaded without prompt via \"external data sources\" in Calc",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64403",
"datePublished": "2025-11-12T09:04:50.392Z",
"dateReserved": "2025-11-02T08:38:57.625Z",
"dateUpdated": "2025-11-12T14:47:26.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64402 (GCVE-0-2025-64402)
Vulnerability from cvelistv5
Published
2025-11-12 09:03
Modified
2025-11-12 14:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links
to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to external files would
load the contents of those files without prompting the user for
permission to do so.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-12T09:06:11.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/11/5"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64402",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:48:43.479848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T14:49:16.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dawid Golunski, Doyensec LLC"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used \"OLE objects\" linked to external files would \nload the contents of those files without prompting the user for \npermission to do so.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links \nto be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used \"OLE objects\" linked to external files would \nload the contents of those files without prompting the user for \npermission to do so.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:03:01.604Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64402.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/tssrl88tygjsgk6csllm6p2fb6tlv8d8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OpenOffice: Remote documents loaded without prompt via OLE objects",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64402",
"datePublished": "2025-11-12T09:03:01.604Z",
"dateReserved": "2025-11-02T08:22:18.671Z",
"dateUpdated": "2025-11-12T14:49:16.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-64401 (GCVE-0-2025-64401)
Vulnerability from cvelistv5
Published
2025-11-12 08:58
Modified
2025-11-12 14:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links
to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linked to external files would
load the contents of those frames without prompting the user for
permission to do so.
This issue affects Apache OpenOffice: through 4.1.15.
Users are recommended to upgrade to version 4.1.16, which fixes the issue.
The LibreOffice suite reported this issue as CVE-2023-2255
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-64401",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:50:27.226997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T14:50:48.219Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Amel Bouziane-Leblond for discovering and reporting the issue"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice\u0026nbsp;allowed an attacker to craft a document that would cause external links \nto be loaded without prompt.\u0026nbsp;In the affected versions of Apache OpenOffice, documents that used \"floating frames\" linked to external files would \nload the contents of those frames without prompting the user for \npermission to do so.\u003c/p\u003e\u003cp\u003eThis issue affects Apache OpenOffice: through 4.1.15.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\u003c/p\u003e\u003cp\u003eThe LibreOffice suite reported this issue as\u0026nbsp;CVE-2023-2255\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice\u00a0allowed an attacker to craft a document that would cause external links \nto be loaded without prompt.\u00a0In the affected versions of Apache OpenOffice, documents that used \"floating frames\" linked to external files would \nload the contents of those frames without prompting the user for \npermission to do so.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue.\n\nThe LibreOffice suite reported this issue as\u00a0CVE-2023-2255"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T08:58:18.371Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.openoffice.org/security/cves/CVE-2025-64401.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/o00dtgvhr9tx8r4y8vf6y2mg7nn6mx6c"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OpenOffice: Remote documents loaded without prompt via IFrame",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-64401",
"datePublished": "2025-11-12T08:58:18.371Z",
"dateReserved": "2025-11-02T07:28:25.037Z",
"dateUpdated": "2025-11-12T14:50:48.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-47804 (GCVE-0-2023-47804)
Vulnerability from cvelistv5
Published
2023-12-29 14:31
Modified
2025-02-13 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.
Links can be activated by clicks, or by automatic document events.
The execution of such links must be subject to user approval.
In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.
This is a corner case of CVE-2022-47502.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ 4.1.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:16:43.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/ygp59swfcy6g46jf8v9s6qpwmxn8fsvb"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2023-47804.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Amel BOUZIANE-LEBLOND aka Icare Bug Bounty Hunter"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.\u003c/p\u003e\u003cp\u003eLinks can be activated by clicks, or by automatic document events.\u003c/p\u003e\u003cp\u003eThe execution of such links must be subject to user approval.\u003c/p\u003e\u003cp\u003eIn the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.\u003c/p\u003e\u003cp\u003eThis is a corner case of CVE-2022-47502.\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.\n\nLinks can be activated by clicks, or by automatic document events.\n\nThe execution of such links must be subject to user approval.\n\nIn the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.\n\nThis is a corner case of CVE-2022-47502."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-03T12:06:14.858Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/ygp59swfcy6g46jf8v9s6qpwmxn8fsvb"
},
{
"url": "https://www.openoffice.org/security/cves/CVE-2023-47804.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OpenOffice: Macro URL arbitrary script execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-47804",
"datePublished": "2023-12-29T14:31:28.081Z",
"dateReserved": "2023-11-12T12:50:12.826Z",
"dateUpdated": "2025-02-13T17:18:09.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-47502 (GCVE-0-2022-47502)
Vulnerability from cvelistv5
Published
2023-03-24 15:57
Modified
2025-02-13 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.
Links can be activated by clicks, or by automatic document events.
The execution of such links must be subject to user approval.
In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:08.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/xr6tl91jj2jgcq8pdbrc4d8w13s6xn80"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2022-47502.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/28/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Altin Thartori (tin-z)"
},
{
"lang": "en",
"type": "reporter",
"value": "Joachim Mammele"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eLinks can be activated by clicks, or by automatic document events.\u003c/p\u003e\u003cp\u003eThe execution of such links must be subject to user approval.\u003c/p\u003e\u003cp\u003eIn the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.\n\n\nLinks can be activated by clicks, or by automatic document events.\n\nThe execution of such links must be subject to user approval.\n\nIn the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution."
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-03T12:06:16.482Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/xr6tl91jj2jgcq8pdbrc4d8w13s6xn80"
},
{
"url": "https://www.openoffice.org/security/cves/CVE-2022-47502.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/28/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OpenOffice: Macro URL arbitrary script execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-47502",
"datePublished": "2023-03-24T15:57:28.611Z",
"dateReserved": "2022-12-15T17:45:04.193Z",
"dateUpdated": "2025-02-13T16:34:01.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38745 (GCVE-0-2022-38745)
Vulnerability from cvelistv5
Published
2023-03-24 15:56
Modified
2025-02-13 14:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-38745",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T14:37:34.923763Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T14:38:34.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "4.1.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "sponsor",
"value": "European Commission\u0027s Open Source Programme Office"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eApache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.\n\n\n"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-24T15:56:48.549Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0"
},
{
"url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache OpenOffice: Empty entry in Java class path",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-38745",
"datePublished": "2023-03-24T15:56:48.549Z",
"dateReserved": "2022-08-25T07:16:01.549Z",
"dateUpdated": "2025-02-13T14:38:34.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37401 (GCVE-0-2022-37401)
Vulnerability from cvelistv5
Published
2022-08-13 06:40
Modified
2024-08-03 10:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-331 - Insufficient Entropy
Summary
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulnerable to a brute force attack if an attacker has access to the users stored config. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26307 - LibreOffice
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice 4 < 4.1.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:21.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2022-37401.html"
},
{
"name": "[oss-security] 20220812 CVE-2022-37401: Apache OpenOffice Weak Master Keys",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/13/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "Apache OpenOffice 4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OpenOffice supports the storage of passwords for web connections in the user\u0027s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulnerable to a brute force attack if an attacker has access to the users stored config. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26307 - LibreOffice"
}
],
"metrics": [
{
"other": {
"content": {
"other": "important"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T08:20:28.678Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openoffice.org/security/cves/CVE-2022-37401.html"
},
{
"name": "[oss-security] 20220812 CVE-2022-37401: Apache OpenOffice Weak Master Keys",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/13/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OpenOffice Weak Master Keys",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-37401",
"STATE": "PUBLIC",
"TITLE": "Apache OpenOffice Weak Master Keys"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Apache OpenOffice 4",
"version_value": "4.1.13"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OpenOffice supports the storage of passwords for web connections in the user\u0027s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulnerable to a brute force attack if an attacker has access to the users stored config. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26307 - LibreOffice"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "important"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-331 Insufficient Entropy"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openoffice.org/security/cves/CVE-2022-37401.html",
"refsource": "MISC",
"url": "https://www.openoffice.org/security/cves/CVE-2022-37401.html"
},
{
"name": "[oss-security] 20220812 CVE-2022-37401: Apache OpenOffice Weak Master Keys",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/13/2"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-37401",
"datePublished": "2022-08-13T06:40:25.000Z",
"dateReserved": "2022-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:29:21.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37400 (GCVE-0-2022-37400)
Vulnerability from cvelistv5
Published
2022-08-13 06:40
Modified
2024-08-03 10:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-330 - Use of Insufficiently Random Values
Summary
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26306 - LibreOffice
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice 4 < 4.1.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:20.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2022-37400.html"
},
{
"name": "[oss-security] 20220812 CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "4.1.13",
"status": "affected",
"version": "Apache OpenOffice 4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OpenOffice supports the storage of passwords for web connections in the user\u0027s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user\u0027s configuration data. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26306 - LibreOffice"
}
],
"metrics": [
{
"other": {
"content": {
"other": "important"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330 Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T08:15:00.444Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openoffice.org/security/cves/CVE-2022-37400.html"
},
{
"name": "[oss-security] 20220812 CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/13/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-37400",
"STATE": "PUBLIC",
"TITLE": "Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Apache OpenOffice 4",
"version_value": "4.1.13"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OpenOffice supports the storage of passwords for web connections in the user\u0027s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user\u0027s configuration data. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26306 - LibreOffice"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "important"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-330 Use of Insufficiently Random Values"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openoffice.org/security/cves/CVE-2022-37400.html",
"refsource": "MISC",
"url": "https://www.openoffice.org/security/cves/CVE-2022-37400.html"
},
{
"name": "[oss-security] 20220812 CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/13/1"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-37400",
"datePublished": "2022-08-13T06:40:11.000Z",
"dateReserved": "2022-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:29:20.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41832 (GCVE-0-2021-41832)
Vulnerability from cvelistv5
Published
2021-10-11 08:10
Modified
2024-08-04 03:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice < Version: OpenOffice.org < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:24.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd3214a568b43dd335b5d558f521377f4bff750684dea18eb041fc1bb%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41832: Apache OpenOffice: Content Manipulation with Certificate Validation Attack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbc93cd7cea40e2ad3b6e080f688dd02566cdd2b1984fcbb6f8b0fb6%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.10",
"status": "affected",
"version": "Apache OpenOffice",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "OpenOffice.org",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany"
}
],
"descriptions": [
{
"lang": "en",
"value": "It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-11T11:06:13.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/rd3214a568b43dd335b5d558f521377f4bff750684dea18eb041fc1bb%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41832: Apache OpenOffice: Content Manipulation with Certificate Validation Attack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbc93cd7cea40e2ad3b6e080f688dd02566cdd2b1984fcbb6f8b0fb6%40%3Cannounce.apache.org%3E"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Content Manipulation with Certificate Validation Attack",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-41832",
"STATE": "PUBLIC",
"TITLE": "Content Manipulation with Certificate Validation Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.10"
},
{
"version_affected": "\u003c=",
"version_name": "OpenOffice.org",
"version_value": "3.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347 Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/rd3214a568b43dd335b5d558f521377f4bff750684dea18eb041fc1bb%40%3Cusers.openoffice.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd3214a568b43dd335b5d558f521377f4bff750684dea18eb041fc1bb%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41832: Apache OpenOffice: Content Manipulation with Certificate Validation Attack",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbc93cd7cea40e2ad3b6e080f688dd02566cdd2b1984fcbb6f8b0fb6@%3Cannounce.apache.org%3E"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-41832",
"datePublished": "2021-10-11T08:10:15.000Z",
"dateReserved": "2021-09-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:22:24.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41831 (GCVE-0-2021-41831)
Vulnerability from cvelistv5
Published
2021-10-11 08:10
Modified
2024-08-04 03:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice < Version: OpenOffice.org < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:24.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra74d5057cdc781a36286a83e8bcbc90a7678f030ae73339c35dfc4f9%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc5c277cb83e335696657c5f27da1d1e2b5cb48346b0b55415a233757%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.10",
"status": "affected",
"version": "Apache OpenOffice",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "OpenOffice.org",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany"
}
],
"descriptions": [
{
"lang": "en",
"value": "It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-11T11:06:15.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/ra74d5057cdc781a36286a83e8bcbc90a7678f030ae73339c35dfc4f9%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc5c277cb83e335696657c5f27da1d1e2b5cb48346b0b55415a233757%40%3Cannounce.apache.org%3E"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Timestamp Manipulation with Signature Wrapping",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-41831",
"STATE": "PUBLIC",
"TITLE": "Timestamp Manipulation with Signature Wrapping"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.10"
},
{
"version_affected": "\u003c=",
"version_name": "OpenOffice.org",
"version_value": "3.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347 Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/ra74d5057cdc781a36286a83e8bcbc90a7678f030ae73339c35dfc4f9%40%3Cusers.openoffice.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/ra74d5057cdc781a36286a83e8bcbc90a7678f030ae73339c35dfc4f9%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc5c277cb83e335696657c5f27da1d1e2b5cb48346b0b55415a233757@%3Cannounce.apache.org%3E"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-41831",
"datePublished": "2021-10-11T08:10:14.000Z",
"dateReserved": "2021-09-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:22:24.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41830 (GCVE-0-2021-41830)
Vulnerability from cvelistv5
Published
2021-10-11 08:10
Modified
2024-08-04 03:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice < Version: OpenOffice.org < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:22:24.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r97d287c88881aa581f1b18cb01e2cbedc4e6eae85958491acb89b12e%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41830: Apache OpenOffice: Double Certificate Attack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/raaab8a3b91f8d7b7ba14f873b8d0fd13952c823acc3385b7a374e754%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.10",
"status": "affected",
"version": "Apache OpenOffice",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "OpenOffice.org",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany"
}
],
"descriptions": [
{
"lang": "en",
"value": "It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory."
}
],
"metrics": [
{
"other": {
"content": {
"other": "high"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-11T11:06:11.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r97d287c88881aa581f1b18cb01e2cbedc4e6eae85958491acb89b12e%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41830: Apache OpenOffice: Double Certificate Attack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/raaab8a3b91f8d7b7ba14f873b8d0fd13952c823acc3385b7a374e754%40%3Cannounce.apache.org%3E"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Double Certificate Attack",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-41830",
"STATE": "PUBLIC",
"TITLE": "Double Certificate Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.10"
},
{
"version_affected": "\u003c=",
"version_name": "OpenOffice.org",
"version_value": "3.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "high"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347 Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/r97d287c88881aa581f1b18cb01e2cbedc4e6eae85958491acb89b12e%40%3Cusers.openoffice.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r97d287c88881aa581f1b18cb01e2cbedc4e6eae85958491acb89b12e%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211010 CVE-2021-41830: Apache OpenOffice: Double Certificate Attack",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raaab8a3b91f8d7b7ba14f873b8d0fd13952c823acc3385b7a374e754@%3Cannounce.apache.org%3E"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-41830",
"datePublished": "2021-10-11T08:10:12.000Z",
"dateReserved": "2021-09-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:22:24.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40439 (GCVE-0-2021-40439)
Vulnerability from cvelistv5
Published
2021-10-07 15:50
Modified
2024-08-04 02:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are subject to this issue. expat in version 4.1.11 is patched.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice < Version: OpenOffice.org < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:44:10.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d%40%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.10",
"status": "affected",
"version": "Apache OpenOffice",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "OpenOffice.org",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a \"Billion Laughs\" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are subject to this issue. expat in version 4.1.11 is patched."
}
],
"metrics": [
{
"other": {
"content": {
"other": "medium"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T17:06:15.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d%40%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Billion Laughs",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-40439",
"STATE": "PUBLIC",
"TITLE": "Billion Laughs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.10"
},
{
"version_affected": "\u003c=",
"version_name": "OpenOffice.org",
"version_value": "3.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a \"Billion Laughs\" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are subject to this issue. expat in version 4.1.11 is patched."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "medium"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611 Improper Restriction of XML External Entity Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d@%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702@%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/4"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-40439",
"datePublished": "2021-10-07T15:50:12.000Z",
"dateReserved": "2021-09-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T02:44:10.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28129 (GCVE-0-2021-28129)
Vulnerability from cvelistv5
Published
2021-10-07 15:50
Modified
2024-08-03 21:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. Users who installed the Apache OpenOffice 4.1.8 DEB packaging should upgrade to the latest version of Apache OpenOffice.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice 4.1.8 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:33:17.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9e72234dd662280fa1a3cca6164d3470a1dbc0d8e53e48ba27f787ce%40%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Linux DEB installs"
],
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache OpenOffice 4.1.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Arrigo Marchiori"
}
],
"descriptions": [
{
"lang": "en",
"value": "While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. Users who installed the Apache OpenOffice 4.1.8 DEB packaging should upgrade to the latest version of Apache OpenOffice."
}
],
"metrics": [
{
"other": {
"content": {
"other": "low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T17:06:22.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9e72234dd662280fa1a3cca6164d3470a1dbc0d8e53e48ba27f787ce%40%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-28129",
"STATE": "PUBLIC",
"TITLE": "DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"platform": "Linux DEB installs",
"version_affected": "=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.8"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Arrigo Marchiori"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. Users who installed the Apache OpenOffice 4.1.8 DEB packaging should upgrade to the latest version of Apache OpenOffice."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9e72234dd662280fa1a3cca6164d3470a1dbc0d8e53e48ba27f787ce@%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b@%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-28129: DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupid",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-28129",
"datePublished": "2021-10-07T15:50:11.000Z",
"dateReserved": "2021-03-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T21:33:17.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33035 (GCVE-0-2021-33035)
Vulnerability from cvelistv5
Published
2021-09-23 08:10
Modified
2024-08-03 23:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice < Version: OpenOffice.org < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:19.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/apache/openoffice/commit/efddaef0151af3be16078cc4d88c6bae0f911e56#diff-ea66e734dd358922aba12ad4ba39c96bdc6cbde587d07dbc63d04daa0a30e90f"
},
{
"name": "[announce] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r929c0c6a53cad64a1007b878342756badbb05ddd9b8f31a6d0b424cb%40%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1ab8532e11f41bc7ca057ac7e39cab25f2e1f9d5f4929788ae21c8b9%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.10",
"status": "affected",
"version": "Apache OpenOffice",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "OpenOffice.org",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10"
}
],
"metrics": [
{
"other": {
"content": {
"other": "high"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T17:06:07.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apache/openoffice/commit/efddaef0151af3be16078cc4d88c6bae0f911e56#diff-ea66e734dd358922aba12ad4ba39c96bdc6cbde587d07dbc63d04daa0a30e90f"
},
{
"name": "[announce] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r929c0c6a53cad64a1007b878342756badbb05ddd9b8f31a6d0b424cb%40%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1ab8532e11f41bc7ca057ac7e39cab25f2e1f9d5f4929788ae21c8b9%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Buffer overflow from a crafted DBF file",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-33035",
"STATE": "PUBLIC",
"TITLE": "Buffer overflow from a crafted DBF file"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.10"
},
{
"version_affected": "\u003c=",
"version_name": "OpenOffice.org",
"version_value": "3.4"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "high"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/apache/openoffice/commit/efddaef0151af3be16078cc4d88c6bae0f911e56#diff-ea66e734dd358922aba12ad4ba39c96bdc6cbde587d07dbc63d04daa0a30e90f",
"refsource": "MISC",
"url": "https://github.com/apache/openoffice/commit/efddaef0151af3be16078cc4d88c6bae0f911e56#diff-ea66e734dd358922aba12ad4ba39c96bdc6cbde587d07dbc63d04daa0a30e90f"
},
{
"name": "[announce] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r929c0c6a53cad64a1007b878342756badbb05ddd9b8f31a6d0b424cb@%3Cannounce.apache.org%3E"
},
{
"name": "[openoffice-users] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1ab8532e11f41bc7ca057ac7e39cab25f2e1f9d5f4929788ae21c8b9@%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[oss-security] 20211007 CVE-2021-33035: Apache OpenOffice: Buffer overflow from a crafted DBF file",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/10/07/3"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-33035",
"datePublished": "2021-09-23T08:10:10.000Z",
"dateReserved": "2021-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:42:19.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30245 (GCVE-0-2021-30245)
Vulnerability from cvelistv5
Published
2021-04-15 19:30
Modified
2024-08-03 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insecure non-http(s) Hyperlinks could lead to untrusted code execution
Summary
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:24:59.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[openoffice-dev] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cdev.openoffice.apache.org%3E"
},
{
"name": "[openoffice-dev] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cdev.openoffice.apache.org%3E"
},
{
"name": "[openoffice-users] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[openoffice-users] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1.9",
"status": "affected",
"version": "Apache OpenOffice",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Fabian Br\u00e4unlein and Lukas Euler of Positive Security"
}
],
"descriptions": [
{
"lang": "en",
"value": "The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure non-http(s) Hyperlinks could lead to untrusted code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-16T01:06:21.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[openoffice-dev] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cdev.openoffice.apache.org%3E"
},
{
"name": "[openoffice-dev] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cdev.openoffice.apache.org%3E"
},
{
"name": "[openoffice-users] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[openoffice-users] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab%40%3Cannounce.apache.org%3E"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-30245",
"STATE": "PUBLIC",
"TITLE": "Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache OpenOffice",
"version_value": "4.1.9"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Fabian Br\u00e4unlein and Lukas Euler of Positive Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure non-http(s) Hyperlinks could lead to untrusted code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[openoffice-dev] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735@%3Cdev.openoffice.apache.org%3E"
},
{
"name": "[openoffice-dev] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5@%3Cdev.openoffice.apache.org%3E"
},
{
"name": "[openoffice-users] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735@%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[openoffice-users] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5@%3Cusers.openoffice.apache.org%3E"
},
{
"name": "[announce] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab@%3Cannounce.apache.org%3E"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-30245",
"datePublished": "2021-04-15T19:30:14.000Z",
"dateReserved": "2021-04-07T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:24:59.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11790 (GCVE-0-2018-11790)
Vulnerability from cvelistv5
Published
2019-01-31 16:00
Modified
2024-09-16 19:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: Apache OpenOffice 4.1.5 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:17:09.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
},
{
"name": "USN-3883-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3883-1/"
},
{
"name": "106803",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106803"
},
{
"name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache OpenOffice 4.1.5 and earlier"
}
]
}
],
"datePublic": "2018-11-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-17T00:06:09.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
},
{
"name": "USN-3883-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3883-1/"
},
{
"name": "106803",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106803"
},
{
"name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-11-18T00:00:00",
"ID": "CVE-2018-11790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "Apache OpenOffice 4.1.5 and earlier"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openoffice.org/security/cves/CVE-2018-11790.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
},
{
"name": "USN-3883-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3883-1/"
},
{
"name": "106803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106803"
},
{
"name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b@%3Ccommits.openoffice.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-11790",
"datePublished": "2019-01-31T16:00:00.000Z",
"dateReserved": "2018-06-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:30:22.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12608 (GCVE-0-2017-12608)
Vulnerability from cvelistv5
Published
2017-11-20 20:00
Modified
2024-09-16 20:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Potential Arbitrary Code Execution
Summary
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039735",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039735"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2017-12608.html"
},
{
"name": "DSA-4022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4022"
},
{
"name": "101585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101585"
},
{
"name": "[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html"
},
{
"name": "1039733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039733"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
],
"datePublic": "2017-11-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "1039735",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039735"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openoffice.org/security/cves/CVE-2017-12608.html"
},
{
"name": "DSA-4022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4022"
},
{
"name": "101585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101585"
},
{
"name": "[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html"
},
{
"name": "1039733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039733"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-19T00:00:00",
"ID": "CVE-2017-12608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039735",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039735"
},
{
"name": "https://www.openoffice.org/security/cves/CVE-2017-12608.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2017-12608.html"
},
{
"name": "DSA-4022",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4022"
},
{
"name": "101585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101585"
},
{
"name": "[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html"
},
{
"name": "1039733",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039733"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-12608",
"datePublished": "2017-11-20T20:00:00.000Z",
"dateReserved": "2017-08-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:17:10.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3157 (GCVE-0-2017-3157)
Vulnerability from cvelistv5
Published
2017-11-20 20:00
Modified
2024-09-16 20:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0914",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0914"
},
{
"name": "DSA-3792",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3792"
},
{
"name": "1037893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037893"
},
{
"name": "96402",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96402"
},
{
"name": "RHSA-2017:0979",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0979"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
],
"datePublic": "2017-11-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user\u0027s filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "RHSA-2017:0914",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0914"
},
{
"name": "DSA-3792",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3792"
},
{
"name": "1037893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037893"
},
{
"name": "96402",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96402"
},
{
"name": "RHSA-2017:0979",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0979"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-19T00:00:00",
"ID": "CVE-2017-3157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user\u0027s filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0914",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0914"
},
{
"name": "DSA-3792",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3792"
},
{
"name": "1037893",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037893"
},
{
"name": "96402",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96402"
},
{
"name": "RHSA-2017:0979",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0979"
},
{
"name": "https://www.openoffice.org/security/cves/CVE-2017-3157.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-3157",
"datePublished": "2017-11-20T20:00:00.000Z",
"dateReserved": "2016-12-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:16:57.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12607 (GCVE-0-2017-12607)
Vulnerability from cvelistv5
Published
2017-11-20 19:00
Modified
2024-09-16 19:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Potential Arbitrary Code Execution
Summary
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4022"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2017-12607.html"
},
{
"name": "101585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101585"
},
{
"name": "[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html"
},
{
"name": "1039734",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039734"
},
{
"name": "1039732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039732"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
],
"datePublic": "2017-11-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in OpenOffice\u0027s PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "DSA-4022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4022"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openoffice.org/security/cves/CVE-2017-12607.html"
},
{
"name": "101585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101585"
},
{
"name": "[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html"
},
{
"name": "1039734",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039734"
},
{
"name": "1039732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039732"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-19T00:00:00",
"ID": "CVE-2017-12607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in OpenOffice\u0027s PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4022",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4022"
},
{
"name": "https://www.openoffice.org/security/cves/CVE-2017-12607.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2017-12607.html"
},
{
"name": "101585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101585"
},
{
"name": "[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html"
},
{
"name": "1039734",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039734"
},
{
"name": "1039732",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039732"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-12607",
"datePublished": "2017-11-20T19:00:00.000Z",
"dateReserved": "2017-08-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:11:04.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9806 (GCVE-0-2017-9806)
Vulnerability from cvelistv5
Published
2017-11-20 17:00
Modified
2024-09-16 22:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Potential Arbitrary Code Execution
Summary
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:02.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2017-9806.html"
},
{
"name": "101585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
],
"datePublic": "2017-11-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-21T10:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2017-9806.html"
},
{
"name": "101585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101585"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-18T00:00:00",
"ID": "CVE-2017-9806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openoffice.org/security/cves/CVE-2017-9806.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2017-9806.html"
},
{
"name": "101585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-9806",
"datePublished": "2017-11-20T17:00:00.000Z",
"dateReserved": "2017-06-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:45:39.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6804 (GCVE-0-2016-6804)
Vulnerability from cvelistv5
Published
2017-11-20 15:00
Modified
2024-09-16 17:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary Code Execution at installation time
Summary
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 4.0.0 to 4.1.2 Version: older releases are also affected, including some branded as OpenOffice.org |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:37.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2016-6804.html"
},
{
"name": "93774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93774"
},
{
"name": "1037016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.2"
},
{
"status": "affected",
"version": "older releases are also affected, including some branded as OpenOffice.org"
}
]
}
],
"datePublic": "2017-11-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution at installation time",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-21T10:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openoffice.org/security/cves/CVE-2016-6804.html"
},
{
"name": "93774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93774"
},
{
"name": "1037016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-11-18T00:00:00",
"ID": "CVE-2016-6804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 4.1.2"
},
{
"version_value": "older releases are also affected, including some branded as OpenOffice.org"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution at installation time"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openoffice.org/security/cves/CVE-2016-6804.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2016-6804.html"
},
{
"name": "93774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93774"
},
{
"name": "1037016",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-6804",
"datePublished": "2017-11-20T15:00:00.000Z",
"dateReserved": "2016-08-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:32:53.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6803 (GCVE-0-2016-6803)
Vulnerability from cvelistv5
Published
2017-11-13 14:00
Modified
2024-09-16 17:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Trojan Execution (on previously infected system)
Summary
An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache OpenOffice |
Version: 4.0.0 to 4.1.2 Version: Older versions, including some using the previous OpenOffice.org brand, are also affected. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94418",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94418"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openoffice.org/security/cves/CVE-2016-6803.html"
},
{
"name": "1037015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.2"
},
{
"status": "affected",
"version": "Older versions, including some using the previous OpenOffice.org brand, are also affected."
}
]
}
],
"datePublic": "2016-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An installer defect known as an \"unquoted Windows search path vulnerability\" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Trojan Execution (on previously infected system)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T10:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "94418",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94418"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openoffice.org/security/cves/CVE-2016-6803.html"
},
{
"name": "1037015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2016-10-11T00:00:00",
"ID": "CVE-2016-6803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 4.1.2"
},
{
"version_value": "Older versions, including some using the previous OpenOffice.org brand, are also affected."
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An installer defect known as an \"unquoted Windows search path vulnerability\" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Trojan Execution (on previously infected system)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94418"
},
{
"name": "https://www.openoffice.org/security/cves/CVE-2016-6803.html",
"refsource": "CONFIRM",
"url": "https://www.openoffice.org/security/cves/CVE-2016-6803.html"
},
{
"name": "1037015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2016-6803",
"datePublished": "2017-11-13T14:00:00.000Z",
"dateReserved": "2016-08-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:54:04.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}