LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openoffice.org: several vulnerabilities

Package(s):openoffice.org CVE #(s):CVE-2006-2198 CVE-2006-2199 CVE-2006-3117
Created:June 30, 2006 Updated:January 4, 2007
Description: Several vulnerabilities have been discovered in OpenOffice.org, a free office suite.
  • It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction. (CVE-2006-2198)
  • It is possible to evade the Java sandbox with specially crafted Java applets. (CVE-2006-2199)
  • Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code. (CVE-2006-3117)
Alerts:
Fedora FEDORA-2007-005 2007-01-03
rPath rPSA-2006-0173-1 2006-09-26
Gentoo 200607-12 2006-07-28
Ubuntu USN-313-2 2006-07-19
Ubuntu USN-313-1 2006-07-11
Mandriva MDKSA-2006:118 2006-07-07
Debian DSA-1104-2 2006-07-06
Red Hat RHSA-2006:0573-01 2006-07-03
SuSE SUSE-SA:2006:040 2006-07-03
Fedora FEDORA-2006-770 2006-07-03
Fedora FEDORA-2006-764 2006-06-30
Debian DSA-1104-1 2006-06-30
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds