Vulnerabilites related to sun - staroffice
Vulnerability from fkie_nvd
Published
2006-12-31 05:00
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openoffice | openoffice | * | |
| sun | staroffice | 6.0 | |
| sun | staroffice | 7.0 | |
| sun | staroffice | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openoffice:openoffice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB4E8C2-D2B5-4130-B2D5-45B9980509C9",
"versionEndIncluding": "2.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA77A764-8311-4108-8155-920EC12AC0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB60F92-5543-4D1E-8CE1-525D65AECF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D51979-56BC-46A4-A6FB-45BC56CB6D5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de enteros en OpenOffice.org (OOo) 2.0.4 y anteriores, y posiblemente otras versiones anteriores a 2.1.0;y StarOffice 6 hasta 8; permiten a un atacante remoto con la intervenci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) ficheros WMF o (b) EMF manipulados que disparan un desbordamiento de b\u00fafer basado en mont\u00edculo en (1) wmf/winwmf.cxx, durante el procesamiento de registros META_ESCAPE; y wmf/enhwmf.cxx durante el procesamiento de (2) registros EMR_POLYPOLYGON y (3) EMR_POLYPOLYGON16."
}
],
"id": "CVE-2006-5870",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/cms/node/2344"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32610"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32611"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23549"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23600"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23612"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23616"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23682"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23683"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23711"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23712"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23762"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23920"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200701-07.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017466"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1246"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/220288"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006"
},
{
"source": "cve@mitre.org",
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openoffice.org/issues/show_bug.cgi?id=70042"
},
{
"source": "cve@mitre.org",
"url": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/455943/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/455947/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/455954/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/455964/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/456271/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-406-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0031"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0059"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-905"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200701-07.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/220288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openoffice.org/issues/show_bug.cgi?id=70042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/455943/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/455947/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/455954/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/455964/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/456271/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-406-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-30 18:05
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openoffice | openoffice | 1.1.0 | |
| openoffice | openoffice | 1.1.1 | |
| openoffice | openoffice | 1.1.2 | |
| openoffice | openoffice | 1.1.3 | |
| openoffice | openoffice | 1.1.4 | |
| openoffice | openoffice | 1.1.5 | |
| openoffice | openoffice | 2.0.0 | |
| openoffice | openoffice | 2.0.1 | |
| openoffice | openoffice | 2.0.2 | |
| sun | staroffice | 6.0 | |
| sun | staroffice | 7.0 | |
| sun | staroffice | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EA7C32-30D8-4367-B2F6-6394408E63B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A063FBBE-4D34-45D0-9AC8-66CFC64D22EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0436BF-D4B6-4437-A509-FEBB779E4B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E24B3240-5110-4810-A37A-C9A0B4A1F856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D14968CA-8FA9-4E71-9C0C-3ABFBE7920C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96B4ED38-FE08-40F3-B164-482146BF7BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4999E6F1-2983-48B1-8FEF-830DD4845CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA089E1-3B23-47FA-84BB-81225AD200EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "021D5A76-3F8E-4BBC-8776-D8E13F70D26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA77A764-8311-4108-8155-920EC12AC0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB60F92-5543-4D1E-8CE1-525D65AECF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D51979-56BC-46A4-A6FB-45BC56CB6D5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Applets en OpenOffice.org v1.1.x (tambien conocido como StarOffice) hasta la v1.1.5 y v2.0.x anteriores a v2.0.3 permite a atacantes asistidos por el usuario escapar el Java sandbox y realizar actividades no autorizadas a trav\u00e9s de ciertos applets en documentos OpenOffice."
}
],
"id": "CVE-2006-2199",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-06-30T18:05:00.000",
"references": [
{
"source": "security@debian.org",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20867"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20893"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20910"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20911"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20913"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20975"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20995"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21278"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "security@debian.org",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"source": "security@debian.org",
"url": "http://securitytracker.com/id?1016414"
},
{
"source": "security@debian.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"source": "security@debian.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"source": "security@debian.org",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"source": "security@debian.org",
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"source": "security@debian.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/18737"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"source": "security@debian.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"source": "security@debian.org",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-03-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | staroffice | 5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:staroffice:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C93C6E1-EF21-4CAA-96EC-780BDDA33488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command."
}
],
"id": "CVE-2000-0175",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-03-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1039"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-18 21:17
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | openoffice | * | |
| sun | staroffice | 6.0 | |
| sun | staroffice | 7.0 | |
| sun | staroffice | 8.0 | |
| sun | starsuite | * | |
| debian | debian_linux | 3.1 | |
| debian | debian_linux | 4.0 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A43B53AA-65DC-4C8E-B9D8-BB5DA4FDD3B6",
"versionEndExcluding": "2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA77A764-8311-4108-8155-920EC12AC0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB60F92-5543-4D1E-8CE1-525D65AECF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D51979-56BC-46A4-A6FB-45BC56CB6D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:starsuite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28296FE1-DE90-4CB7-94CF-ED73C3AD8BE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en el analizador TIFF en OpenOffice.org (OOo) anterior a la versi\u00f3n 2.3; y Office Suit (StarSuite) de Sun StarOffice versiones 6, 7 y 8 ; permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo TIFF con valores creados de campos de longitud no especificada, lo que desencadena la asignaci\u00f3n de una cantidad inapropiada de memoria, resultando en un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."
}
],
"id": "CVE-2007-2834",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-09-18T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=192818"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-237.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-700.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26816"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26817"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26839"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26844"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26855"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26861"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26891"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26903"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26912"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27077"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27087"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27370"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-24.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1018702"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1375"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"URL Repurposed"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:186"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-2834.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0848.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/479965/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25690"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-524-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3184"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3262"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36656"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-1740"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=192818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-237.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-700.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1018702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"URL Repurposed"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-2834.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0848.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/479965/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-524-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-1740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | nss | * | |
| sun | secure_global_desktop | * | |
| sun | staroffice | * | |
| sun | solaris | 9.0 | |
| sun | solaris | 10.0 | |
| sun | sunos | 5.8 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1_2 | |
| sun | jre | 1.3.1_03 | |
| sun | jre | 1.3.1_04 | |
| sun | jre | 1.3.1_05 | |
| sun | jre | 1.3.1_06 | |
| sun | jre | 1.3.1_07 | |
| sun | jre | 1.3.1_08 | |
| sun | jre | 1.3.1_09 | |
| sun | jre | 1.3.1_10 | |
| sun | jre | 1.3.1_11 | |
| sun | jre | 1.3.1_12 | |
| sun | jre | 1.3.1_13 | |
| sun | jre | 1.3.1_14 | |
| sun | jre | 1.3.1_15 | |
| sun | jre | 1.3.1_16 | |
| sun | jre | 1.3.1_17 | |
| sun | jre | 1.3.1_18 | |
| sun | jre | 1.3.1_19 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | sdk | 1.3.1 | |
| sun | sdk | 1.3.1_01 | |
| sun | sdk | 1.3.1_01a | |
| sun | sdk | 1.3.1_02 | |
| sun | sdk | 1.3.1_03 | |
| sun | sdk | 1.3.1_04 | |
| sun | sdk | 1.3.1_05 | |
| sun | sdk | 1.3.1_06 | |
| sun | sdk | 1.3.1_07 | |
| sun | sdk | 1.3.1_08 | |
| sun | sdk | 1.3.1_09 | |
| sun | sdk | 1.3.1_10 | |
| sun | sdk | 1.3.1_11 | |
| sun | sdk | 1.3.1_12 | |
| sun | sdk | 1.3.1_13 | |
| sun | sdk | 1.3.1_14 | |
| sun | sdk | 1.3.1_15 | |
| sun | sdk | 1.3.1_16 | |
| sun | sdk | 1.3.1_17 | |
| sun | sdk | 1.3.1_18 | |
| sun | sdk | 1.3.1_19 | |
| sun | sdk | 1.4.2 | |
| sun | sdk | 1.4.2_1 | |
| sun | sdk | 1.4.2_2 | |
| sun | sdk | 1.4.2_3 | |
| sun | sdk | 1.4.2_4 | |
| sun | sdk | 1.4.2_5 | |
| sun | sdk | 1.4.2_6 | |
| sun | sdk | 1.4.2_7 | |
| sun | sdk | 1.4.2_8 | |
| sun | sdk | 1.4.2_9 | |
| sun | sdk | 1.4.2_10 | |
| sun | sdk | 1.4.2_11 | |
| sun | sdk | 1.4.2_12 | |
| sun | jsse | 1.0.3 | |
| sun | jsse | 1.0.3_01 | |
| sun | jsse | 1.0.3_02 | |
| sun | jsse | 1.0.3_03 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:nss:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2112B58-9424-4F9D-B37A-35C5FCCC7C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:secure_global_desktop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8B9B9F-E485-4265-AD4F-470B32DF841F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E60B3BF-0114-4BB5-8C21-B2ABF713F7AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:*:*:*:sparc:*:*",
"matchCriteriaId": "BCA7836E-A936-4832-81A2-2D31F0642ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:*:*:*:sparc:*:*",
"matchCriteriaId": "907AE0E2-E467-433E-AEEF-BC05AE7AF95B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D57BC929-6C98-4F36-B31B-6B946F986D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7042B56E-349E-40F4-ADD7-DEF1E9D8E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*",
"matchCriteriaId": "0875E34D-8544-49B9-BAD9-8191CC103A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "62E772B9-8E41-476F-81F5-87B41F1827A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE78463-2CE8-43C6-BB06-AA40C72B1A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "31A04480-92DF-49AD-9B36-7F1FCB29DE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FD0B72-683D-4FF6-BCF5-5DE85BF3064B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "F78CD4B5-4B1D-4128-8AEA-2F967C38C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "62CAA3E7-9D65-48F3-ACF7-9D705D94DE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "477C310B-50AD-4D40-8EDB-4A80F0BF321D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "60A1F526-6B28-47A3-8D2C-06CA067E9164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "17F09D9E-B04B-477E-86E6-E1B1F9650973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "6F929C59-9602-4962-95B4-4165D66E5935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B76949-9282-44D0-8075-74E482CE9A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B072DD-FC4F-4E07-9837-0E16017CA4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "969BE4EC-4D13-4B74-8137-FA0F83F0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "86408019-1B53-4AA8-9F05-47EBD0466EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "81F47561-F59C-4904-8E05-D8A9629405A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "FB067445-8EA5-460F-B625-C21251E5A8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C075BC-607E-47A1-A32D-B912D2FA03BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "787DCE54-6991-4A1A-836B-3C46A02C7400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5F0AD0F9-E797-4E16-95F3-C1AFDA557D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167D85F7-0D94-49CC-8A5E-F5FAB00ADFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*",
"matchCriteriaId": "34710306-D6CF-4D07-84BF-71A8839BE416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*",
"matchCriteriaId": "44B93DC8-6375-4B41-B9BC-F22F592C56B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*",
"matchCriteriaId": "87BF46A9-8E4A-4583-B35F-052FD481DF66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*",
"matchCriteriaId": "32B351BB-6CA6-4CEF-9F5D-ED47774FC676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA40FCD-1D34-4C47-908F-697433236153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*",
"matchCriteriaId": "00639A84-BD03-4BD9-A655-F806693DBC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*",
"matchCriteriaId": "14824B23-FF9F-4D6D-9D02-12B79BE346A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*",
"matchCriteriaId": "6493744C-A69D-4377-937E-85E7F5535EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*",
"matchCriteriaId": "C09019B1-B873-41CE-951E-4777F324729C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4209A0-E73F-4B5A-9925-B5D20F879455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*",
"matchCriteriaId": "297DF5AD-FC22-432B-AE6A-2B1E6CFE1BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB8516D-03C4-478D-AFE2-824867FDC739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*",
"matchCriteriaId": "F82AED17-FEC3-47D0-A395-26ACD07FBE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*",
"matchCriteriaId": "9630BC7B-9039-4FA6-86F8-5274783F3EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A6A15C-216A-42B1-84EF-B3D9A313D4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*",
"matchCriteriaId": "EC39C819-9439-4029-8377-F6D58B3DFDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*",
"matchCriteriaId": "A053DEF6-1317-4DA8-91D7-E1970DA62351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DBFDD8-40AE-44F2-8F02-FB7A4FAE5235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0605FF-3DDC-4F3A-8171-F3A447E9C292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*",
"matchCriteriaId": "801FF3B4-0729-4710-BFC2-4B078029944F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "002CA86D-3090-4C7A-947A-21CB5D1ADD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6453C9-7EE0-4FFB-861D-C2D9416DCABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "89BF16DE-EEAB-4DA5-BFF1-7A0A58DE141F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDE253E-C8B6-4C1D-AECE-ABEA1A67306B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "A56D9A60-F272-4D4C-A9DD-C93DAF783585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF109CAA-E8D2-4BD7-BE7C-AF8B2A78672E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "976F4ACB-3725-45B7-B2EF-DEE4B88254E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "52BDD6A8-1611-4C3C-865D-6EDB5B9F8D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1F28FF-652A-4C89-9AC6-5E212F890811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "96A8C351-E9CD-431B-8B9D-712CA54C7213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "36888382-79C8-4C97-A654-C668CD68556F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "F34C99E6-F9F0-4EF3-8601-B47EAE3D7273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "A74DD08D-CEDB-460E-BED5-78F6CAF18BF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "432EB8F8-52C0-4FF3-97E5-92F670DFEE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC8159F-4CB2-4A94-B7DF-4D7496EBA55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3_02:*:*:*:*:*:*:*",
"matchCriteriaId": "7D51B8BB-C05E-42A2-A6EC-87F73A3CDF98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jsse:1.0.3_03:*:*:*:*:*:*:*",
"matchCriteriaId": "516A74B2-CEE6-492D-8884-60CC3D5C70EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1."
},
{
"lang": "es",
"value": "M\u00faltiples paquetes sobre Sun Solaris, incluyendo (1) NSS; (2) Java JDK and JRE 5.0 Update 8 y anteriores, SDK y JRE 1.4.x hasta 1.4.2_12, y SDK y JRE 1.3.x hasta 1.3.1_19; (3) JSSE 1.0.3_03 y anteriores; (4) IPSec/IKE; (5) Secure Global Desktop; y (6) StarOffice, cuando se usa una llave RSA con un exponente 3, elimina el relleno PKCS-1 antes de generar un hash, lo cual permite a un atacante remoto falsificar una firma PKCS #1 v1.5 que esta firmada por una llave RSA y evita que estos productos verifiquen correctamente X.509 y otros certificados que utilicen PKCS #1."
}
],
"id": "CVE-2006-5201",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22226"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22325"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22992"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | staroffice | 5.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:staroffice:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "144E91CB-BC98-48B0-9507-10BFD22280F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice."
}
],
"id": "CVE-2000-1156",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0115.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1922"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5487"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1112 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1112 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | staroffice | 5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:staroffice:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C93C6E1-EF21-4CAA-96EC-780BDDA33488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document."
}
],
"id": "CVE-2000-0291",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1112"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-30 18:05
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openoffice | openoffice | 1.1.0 | |
| openoffice | openoffice | 1.1.1 | |
| openoffice | openoffice | 1.1.2 | |
| openoffice | openoffice | 1.1.3 | |
| openoffice | openoffice | 1.1.4 | |
| openoffice | openoffice | 2.0 | |
| openoffice | openoffice | 2.0.0 | |
| openoffice | openoffice | 2.0.1 | |
| openoffice | openoffice | 2.0.2 | |
| sun | staroffice | 6.0 | |
| sun | staroffice | 7.0 | |
| sun | staroffice | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EA7C32-30D8-4367-B2F6-6394408E63B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A063FBBE-4D34-45D0-9AC8-66CFC64D22EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0436BF-D4B6-4437-A509-FEBB779E4B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E24B3240-5110-4810-A37A-C9A0B4A1F856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D14968CA-8FA9-4E71-9C0C-3ABFBE7920C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E667DBA8-23C6-4521-9BAF-17D667886242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4999E6F1-2983-48B1-8FEF-830DD4845CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA089E1-3B23-47FA-84BB-81225AD200EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "021D5A76-3F8E-4BBC-8776-D8E13F70D26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA77A764-8311-4108-8155-920EC12AC0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB60F92-5543-4D1E-8CE1-525D65AECF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D51979-56BC-46A4-A6FB-45BC56CB6D5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka \"File Format / Buffer Overflow Vulnerability.\""
},
{
"lang": "es",
"value": ""
}
],
"id": "CVE-2006-3117",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-06-30T18:05:00.000",
"references": [
{
"source": "security@debian.org",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20867"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20893"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20910"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20911"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20913"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20975"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20995"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21278"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22129"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "security@debian.org",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"source": "security@debian.org",
"url": "http://securitytracker.com/id?1016414"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"source": "security@debian.org",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/18739"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"source": "security@debian.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"source": "security@debian.org",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-30 18:05
Modified
2025-04-03 01:03
Severity ?
Summary
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openoffice | openoffice | 1.1.0 | |
| openoffice | openoffice | 1.1.1 | |
| openoffice | openoffice | 1.1.1a | |
| openoffice | openoffice | 1.1.1b | |
| openoffice | openoffice | 1.1.2 | |
| openoffice | openoffice | 1.1.3 | |
| openoffice | openoffice | 1.1.4 | |
| openoffice | openoffice | 1.1.5 | |
| openoffice | openoffice | 2.0.0 | |
| openoffice | openoffice | 2.0.0_rc1 | |
| openoffice | openoffice | 2.0.0_rc2 | |
| openoffice | openoffice | 2.0.0_rc3 | |
| openoffice | openoffice | 2.0.1 | |
| openoffice | openoffice | 2.0.2 | |
| openoffice | openoffice | 2.0.2_rc1 | |
| openoffice | openoffice | 2.0.2_rc2 | |
| openoffice | openoffice | 2.0.2_rc3 | |
| openoffice | openoffice | 2.0.2_rc4 | |
| openoffice | openoffice | 2.0.3_rc3 | |
| openoffice | openoffice | 2.0.3_rc4 | |
| openoffice | openoffice | 2.0.3_rc5 | |
| openoffice | openoffice | 2.0.3_rc6 | |
| sun | staroffice | 7.0 | |
| sun | staroffice | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EA7C32-30D8-4367-B2F6-6394408E63B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A063FBBE-4D34-45D0-9AC8-66CFC64D22EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C2EC75F-DA22-4592-809D-81DB8C3BA9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "E94AF842-B320-42BB-87AB-73178F8AA80F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0436BF-D4B6-4437-A509-FEBB779E4B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E24B3240-5110-4810-A37A-C9A0B4A1F856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D14968CA-8FA9-4E71-9C0C-3ABFBE7920C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96B4ED38-FE08-40F3-B164-482146BF7BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4999E6F1-2983-48B1-8FEF-830DD4845CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D4161B6-A49C-460B-B364-7D0B248A60F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3B35A4-11D4-4548-87D3-F36DE4F07C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC082498-DEB1-45EF-9B4D-08A551C23F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA089E1-3B23-47FA-84BB-81225AD200EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "021D5A76-3F8E-4BBC-8776-D8E13F70D26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBECD76-CD0C-48AE-8DCE-C0A5DB37A439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "385C9A53-578B-48FA-B210-0CCEE2AF2931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA0DF03-4898-45E1-B338-B93A9A0376FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2_rc4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9127E8A-66BD-4359-B76C-7220CC9ADC29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.3_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "076941D9-3CB7-4B0A-BDEA-66C3FDDF322F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.3_rc4:*:*:*:*:*:*:*",
"matchCriteriaId": "C59F07C5-50F2-4717-A48B-76D13267E161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.3_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B76133C-DD4A-466C-A43F-4CBCF36E3730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openoffice:openoffice:2.0.3_rc6:*:*:*:*:*:*:*",
"matchCriteriaId": "3F120B77-81AF-4823-907B-FFC8E6E5BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB60F92-5543-4D1E-8CE1-525D65AECF5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D51979-56BC-46A4-A6FB-45BC56CB6D5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user."
},
{
"lang": "es",
"value": "OpenOffice.org (tambi\u00e9n conocido como StarOffice) v1.1.x a v1.1.5 y v2.0.x anteriores a v2.0.3 permite a los atacantes de usuarios asistidos conducir actividades no autorizadas a trav\u00e9s de un documento OpenOffice con una macro BASIC maliciosa, lo que es ejecutad sin confirmaci\u00f3n al usuario."
}
],
"id": "CVE-2006-2198",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-06-30T18:05:00.000",
"references": [
{
"source": "security@debian.org",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20867"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20893"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20910"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20911"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20913"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20975"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20995"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21278"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22129"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "security@debian.org",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"source": "security@debian.org",
"url": "http://securitytracker.com/id?1016414"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"source": "security@debian.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"source": "security@debian.org",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"source": "security@debian.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/18738"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"source": "security@debian.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"source": "security@debian.org",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-03-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | staroffice | 5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:staroffice:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C93C6E1-EF21-4CAA-96EC-780BDDA33488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"id": "CVE-2000-0174",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-03-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1040"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-2199 (GCVE-0-2006-2199)
Vulnerability from cvelistv5
Published
2006-06-30 18:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:28.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "102475",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "oval:org.mitre.oval:def:11338",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "VU#243681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "openoffice-applet-sandbox-bypass(27569)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"name": "18737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18737"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "102475",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "oval:org.mitre.oval:def:11338",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "VU#243681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "openoffice-applet-sandbox-bypass(27569)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"name": "18737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18737"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-2199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "102475",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"name": "https://issues.rpath.com/browse/RPL-475",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "http://www.openoffice.org/security/CVE-2006-2199.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "oval:org.mitre.oval:def:11338",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "VU#243681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"name": "RHSA-2006:0573",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "openoffice-applet-sandbox-bypass(27569)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"name": "18737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18737"
},
{
"name": "SUSE-SA:2006:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-2199",
"datePublished": "2006-06-30T18:00:00",
"dateReserved": "2006-05-04T00:00:00",
"dateUpdated": "2024-08-07T17:43:28.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1156 (GCVE-0-2000-1156)
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "staroffice-tmp-sym-link(5487)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5487"
},
{
"name": "20001108 StarOffice 5.2 Temporary Dir Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0115.html"
},
{
"name": "1922",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1922"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "staroffice-tmp-sym-link(5487)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5487"
},
{
"name": "20001108 StarOffice 5.2 Temporary Dir Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0115.html"
},
{
"name": "1922",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1922"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "staroffice-tmp-sym-link(5487)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5487"
},
{
"name": "20001108 StarOffice 5.2 Temporary Dir Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0115.html"
},
{
"name": "1922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1922"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1156",
"datePublished": "2000-12-19T05:00:00",
"dateReserved": "2000-12-14T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5870 (GCVE-0-2006-5870)
Vulnerability from cvelistv5
Published
2007-01-04 11:00
Modified
2024-08-07 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9145",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/issues/show_bug.cgi?id=70042"
},
{
"name": "23683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23683"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/"
},
{
"name": "23682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23682"
},
{
"name": "32611",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32611"
},
{
"name": "20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455943/100/0/threaded"
},
{
"name": "23920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23920"
},
{
"name": "23600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23600"
},
{
"name": "USN-406-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-406-1"
},
{
"name": "VU#220288",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/220288"
},
{
"name": "23612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23612"
},
{
"name": "102735",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1"
},
{
"name": "SUSE-SA:2007:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html"
},
{
"name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly"
},
{
"name": "23711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23711"
},
{
"name": "GLSA-200701-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200701-07.xml"
},
{
"name": "32610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32610"
},
{
"name": "ADV-2007-0031",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0031"
},
{
"name": "23712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23712"
},
{
"name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455947/100/0/threaded"
},
{
"name": "23616",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23616"
},
{
"name": "RHSA-2007:0001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0001.html"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-905"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch"
},
{
"name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455954/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:8280",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "openoffice-wmf-bo(31257)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257"
},
{
"name": "23549",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23549"
},
{
"name": "ADV-2007-0059",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0059"
},
{
"name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/455964/100/0/threaded"
},
{
"name": "20070108 rPSA-2007-0001-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456271/100/100/threaded"
},
{
"name": "DSA-1246",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1246"
},
{
"name": "20070101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc"
},
{
"name": "MDKSA-2007:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006"
},
{
"name": "1017466",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017466"
},
{
"name": "23762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9145",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/issues/show_bug.cgi?id=70042"
},
{
"name": "23683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23683"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/"
},
{
"name": "23682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23682"
},
{
"name": "32611",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32611"
},
{
"name": "20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455943/100/0/threaded"
},
{
"name": "23920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23920"
},
{
"name": "23600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23600"
},
{
"name": "USN-406-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-406-1"
},
{
"name": "VU#220288",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/220288"
},
{
"name": "23612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23612"
},
{
"name": "102735",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1"
},
{
"name": "SUSE-SA:2007:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html"
},
{
"name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly"
},
{
"name": "23711",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23711"
},
{
"name": "GLSA-200701-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200701-07.xml"
},
{
"name": "32610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32610"
},
{
"name": "ADV-2007-0031",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0031"
},
{
"name": "23712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23712"
},
{
"name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455947/100/0/threaded"
},
{
"name": "23616",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23616"
},
{
"name": "RHSA-2007:0001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0001.html"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-905"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch"
},
{
"name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455954/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:8280",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "openoffice-wmf-bo(31257)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257"
},
{
"name": "23549",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23549"
},
{
"name": "ADV-2007-0059",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0059"
},
{
"name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/455964/100/0/threaded"
},
{
"name": "20070108 rPSA-2007-0001-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456271/100/100/threaded"
},
{
"name": "DSA-1246",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1246"
},
{
"name": "20070101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc"
},
{
"name": "MDKSA-2007:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006"
},
{
"name": "1017466",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017466"
},
{
"name": "23762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:9145",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9145"
},
{
"name": "http://www.openoffice.org/issues/show_bug.cgi?id=70042",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/issues/show_bug.cgi?id=70042"
},
{
"name": "23683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23683"
},
{
"name": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/"
},
{
"name": "23682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23682"
},
{
"name": "32611",
"refsource": "OSVDB",
"url": "http://osvdb.org/32611"
},
{
"name": "20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455943/100/0/threaded"
},
{
"name": "23920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23920"
},
{
"name": "23600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23600"
},
{
"name": "USN-406-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-406-1"
},
{
"name": "VU#220288",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/220288"
},
{
"name": "23612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23612"
},
{
"name": "102735",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102735-1"
},
{
"name": "SUSE-SA:2007:001",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0001.html"
},
{
"name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0002.htmly"
},
{
"name": "23711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23711"
},
{
"name": "GLSA-200701-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-07.xml"
},
{
"name": "32610",
"refsource": "OSVDB",
"url": "http://osvdb.org/32610"
},
{
"name": "ADV-2007-0031",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0031"
},
{
"name": "23712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23712"
},
{
"name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455947/100/0/threaded"
},
{
"name": "23616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23616"
},
{
"name": "RHSA-2007:0001",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0001.html"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2344"
},
{
"name": "https://issues.rpath.com/browse/RPL-905",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-905"
},
{
"name": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch"
},
{
"name": "20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455954/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:8280",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8280"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "openoffice-wmf-bo(31257)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31257"
},
{
"name": "23549",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23549"
},
{
"name": "ADV-2007-0059",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0059"
},
{
"name": "20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455964/100/0/threaded"
},
{
"name": "20070108 rPSA-2007-0001-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456271/100/100/threaded"
},
{
"name": "DSA-1246",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1246"
},
{
"name": "20070101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc"
},
{
"name": "MDKSA-2007:006",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:006"
},
{
"name": "1017466",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017466"
},
{
"name": "23762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5870",
"datePublished": "2007-01-04T11:00:00",
"dateReserved": "2006-11-14T00:00:00",
"dateUpdated": "2024-08-07T20:04:55.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3117 (GCVE-0-2006-3117)
Vulnerability from cvelistv5
Published
2006-06-30 18:00
Modified
2024-08-07 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "102501",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "openoffice-xml-document-bo(27571)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21278"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"name": "18739",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18739"
},
{
"name": "oval:org.mitre.oval:def:9704",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka \"File Format / Buffer Overflow Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "102501",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "openoffice-xml-document-bo(27571)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21278"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"name": "18739",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18739"
},
{
"name": "oval:org.mitre.oval:def:9704",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-3117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka \"File Format / Buffer Overflow Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "102501",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"name": "USN-313-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "openoffice-xml-document-bo(27571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"name": "https://issues.rpath.com/browse/RPL-475",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "20893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "22129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21278"
},
{
"name": "http://www.ngssoftware.com/advisories/openoffice.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"name": "18739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18739"
},
{
"name": "oval:org.mitre.oval:def:9704",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"name": "20910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20911"
},
{
"name": "http://www.openoffice.org/security/CVE-2006-3117.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"name": "1016414",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-3117",
"datePublished": "2006-06-30T18:00:00",
"dateReserved": "2006-06-21T00:00:00",
"dateUpdated": "2024-08-07T18:16:05.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2834 (GCVE-0-2007-2834)
Vulnerability from cvelistv5
Published
2007-09-18 21:00
Modified
2024-08-07 13:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "200190",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=192818"
},
{
"name": "26816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26816"
},
{
"name": "26839",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26839"
},
{
"name": "USN-524-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-524-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1740"
},
{
"name": "26855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26855"
},
{
"name": "1018702",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018702"
},
{
"name": "102994",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1"
},
{
"name": "SUSE-SA:2007:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html"
},
{
"name": "26903",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26903"
},
{
"name": "GLSA-200710-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-24.xml"
},
{
"name": "20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593"
},
{
"name": "27370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27370"
},
{
"name": "MDKSA-2007:186",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:186"
},
{
"name": "ADV-2007-3262",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3262"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-2834.html"
},
{
"name": "FEDORA-2007-700",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-700.shtml"
},
{
"name": "RHSA-2007:0848",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0848.html"
},
{
"name": "26844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26844"
},
{
"name": "26891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26891"
},
{
"name": "20070919 FLEA-2007-0056-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479965/100/0/threaded"
},
{
"name": "27087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27087"
},
{
"name": "25690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25690"
},
{
"name": "oval:org.mitre.oval:def:9967",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967"
},
{
"name": "ADV-2007-3184",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3184"
},
{
"name": "26861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26861"
},
{
"name": "26817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26817"
},
{
"name": "DSA-1375",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1375"
},
{
"name": "openoffice-tiff-bo(36656)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36656"
},
{
"name": "26912",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26912"
},
{
"name": "27077",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27077"
},
{
"name": "FEDORA-2007-2372",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-237.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "200190",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=192818"
},
{
"name": "26816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26816"
},
{
"name": "26839",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26839"
},
{
"name": "USN-524-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-524-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1740"
},
{
"name": "26855",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26855"
},
{
"name": "1018702",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018702"
},
{
"name": "102994",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1"
},
{
"name": "SUSE-SA:2007:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html"
},
{
"name": "26903",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26903"
},
{
"name": "GLSA-200710-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-24.xml"
},
{
"name": "20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593"
},
{
"name": "27370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27370"
},
{
"name": "MDKSA-2007:186",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:186"
},
{
"name": "ADV-2007-3262",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3262"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2007-2834.html"
},
{
"name": "FEDORA-2007-700",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-700.shtml"
},
{
"name": "RHSA-2007:0848",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0848.html"
},
{
"name": "26844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26844"
},
{
"name": "26891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26891"
},
{
"name": "20070919 FLEA-2007-0056-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479965/100/0/threaded"
},
{
"name": "27087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27087"
},
{
"name": "25690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25690"
},
{
"name": "oval:org.mitre.oval:def:9967",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967"
},
{
"name": "ADV-2007-3184",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3184"
},
{
"name": "26861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26861"
},
{
"name": "26817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26817"
},
{
"name": "DSA-1375",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1375"
},
{
"name": "openoffice-tiff-bo(36656)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36656"
},
{
"name": "26912",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26912"
},
{
"name": "27077",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27077"
},
{
"name": "FEDORA-2007-2372",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-237.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "200190",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=192818",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=192818"
},
{
"name": "26816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26816"
},
{
"name": "26839",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26839"
},
{
"name": "USN-524-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-524-1"
},
{
"name": "https://issues.rpath.com/browse/RPL-1740",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1740"
},
{
"name": "26855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26855"
},
{
"name": "1018702",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018702"
},
{
"name": "102994",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1"
},
{
"name": "SUSE-SA:2007:052",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html"
},
{
"name": "26903",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26903"
},
{
"name": "GLSA-200710-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200710-24.xml"
},
{
"name": "20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593"
},
{
"name": "27370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27370"
},
{
"name": "MDKSA-2007:186",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:186"
},
{
"name": "ADV-2007-3262",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3262"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2007-2834.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2007-2834.html"
},
{
"name": "FEDORA-2007-700",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2007-700.shtml"
},
{
"name": "RHSA-2007:0848",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0848.html"
},
{
"name": "26844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26844"
},
{
"name": "26891",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26891"
},
{
"name": "20070919 FLEA-2007-0056-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479965/100/0/threaded"
},
{
"name": "27087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27087"
},
{
"name": "25690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25690"
},
{
"name": "oval:org.mitre.oval:def:9967",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967"
},
{
"name": "ADV-2007-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3184"
},
{
"name": "26861",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26861"
},
{
"name": "26817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26817"
},
{
"name": "DSA-1375",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1375"
},
{
"name": "openoffice-tiff-bo(36656)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36656"
},
{
"name": "26912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26912"
},
{
"name": "27077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27077"
},
{
"name": "FEDORA-2007-2372",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2007-237.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2834",
"datePublished": "2007-09-18T21:00:00",
"dateReserved": "2007-05-24T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2198 (GCVE-0-2006-2198)
Vulnerability from cvelistv5
Published
2006-06-30 18:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:27.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "openoffice-macro-code-execution(27564)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "102490",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "18738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18738"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"name": "VU#170113",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"name": "oval:org.mitre.oval:def:11082",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "openoffice-macro-code-execution(27564)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "102490",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "18738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18738"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"name": "VU#170113",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"name": "oval:org.mitre.oval:def:11082",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-2198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "https://issues.rpath.com/browse/RPL-475",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "http://www.openoffice.org/security/CVE-2006-2199.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "openoffice-macro-code-execution(27564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"name": "ADV-2006-2621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "102490",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"name": "22129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "18738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18738"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"name": "VU#170113",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"name": "oval:org.mitre.oval:def:11082",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-2198",
"datePublished": "2006-06-30T18:00:00",
"dateReserved": "2006-05-04T00:00:00",
"dateUpdated": "2024-08-07T17:43:27.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0174 (GCVE-0-2000-0174)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"name": "1040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"name": "1040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
},
{
"name": "1040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0174",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-03-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5201 (GCVE-0-2006-5201)
Vulnerability from cvelistv5
Published
2006-10-09 18:00
Modified
2024-08-07 19:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22992"
},
{
"name": "102657",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"name": "ADV-2006-3899",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"name": "ADV-2006-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"name": "ADV-2006-3898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22325"
},
{
"name": "102648",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"name": "22204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22204"
},
{
"name": "22226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22226"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-10-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22992"
},
{
"name": "102657",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"name": "ADV-2006-3899",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"name": "ADV-2006-3960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"name": "ADV-2006-3898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22325"
},
{
"name": "102648",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"name": "22204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22204"
},
{
"name": "22226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22226"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22992"
},
{
"name": "102657",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"name": "ADV-2006-3899",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"name": "ADV-2006-3960",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3960"
},
{
"name": "ADV-2006-3898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3898"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22325"
},
{
"name": "102648",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"name": "22204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22204"
},
{
"name": "22226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22226"
},
{
"name": "VU#845620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845620"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5201",
"datePublished": "2006-10-09T18:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0291 (GCVE-0-2000-0291)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000416 StarOffice 5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html"
},
{
"name": "1112",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1112"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000416 StarOffice 5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html"
},
{
"name": "1112",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1112"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000416 StarOffice 5.1",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html"
},
{
"name": "1112",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1112"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0291",
"datePublished": "2000-04-26T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0175 (GCVE-0-2000-0175)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1039"
},
{
"name": "20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1039"
},
{
"name": "20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1039"
},
{
"name": "20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0175",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-03-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}