exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2006-2198

Status Candidate

Overview

OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.

Related Files

Ubuntu Security Notice 313-1
Posted Jul 13, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 313-1 - Multiple vulnerabilities have surfaced in Open Office.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-2198, CVE-2006-2199, CVE-2006-3117
SHA-256 | 183cd37f23e6784429f845c08d6fbb813c48b81039ff86f887a33806e1a21660
Mandriva Linux Security Advisory 2006.118
Posted Jul 9, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-118 - OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. An unspecified vulnerability in Java Applets in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. Heap-based buffer overflow in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."

tags | advisory, java, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2006-2198, CVE-2006-2199, CVE-2006-3117
SHA-256 | 5a8c64eba7a3889e3f7530ca9a0952ea5c82032ff3c72dc7da55a76a5bf3ff7f
SUSE-SA-2006-040.txt
Posted Jul 9, 2006
Site suse.com

SUSE Security Announcement SUSE-SA:2006:040 - Multiple vulnerabilities have been discovered in OpenOffice. A security vulnerability in OpenOffice.org may make it possible to inject basic code into documents which is executed upon loading of the document. A security vulnerability related to OpenOffice.org documents may allow certain Java applets to break through the "sandbox" and therefore have full access to system resources with current user privileges. A buffer overflow in the XML UTF8 converter allows for a value to be written to an arbitrary location in memory. This may lead to command execution in the context of the current user.

tags | advisory, java, overflow, arbitrary, vulnerability
systems | linux, suse
advisories | CVE-2006-2198, CVE-2006-2199, CVE-2006-3117
SHA-256 | 8a8e3987a76df5a732e8cbca045edc16f6f66c6df5a7fa7b42994363e9012e4d
Debian Linux Security Advisory 1104-1
Posted Jul 2, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1104-1 - Several vulnerabilities have been discovered in OpenOffice.org, a free office suite. It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction. It is possible to evade the Java sandbox with specially crafted Java applets. Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code.

tags | advisory, java, denial of service, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2006-2198, CVE-2006-2199, CVE-2006-3117
SHA-256 | deaefe6a689b0fc91e62a203448262cff8dbb4cb8432ae2e8ca49302d8c8b26f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close