OpenOffice.org Security Team Bulletin
If you want to stay up to date on OpenOffice.org security announcements, please subscribe to our security-alerts mailing list.
Fixed in Apache OpenOffice 3.4.1
- CVE-2012-2665: Manifest-processing errors in Apache OpenOffice 3.4.0
Fixed in Apache OpenOffice 3.4.0
- CVE-2012-1149: OpenOffice.org integer overflow error in vclmi.dll module when allocating
memory for an embedded image object
- CVE-2012-2149: OpenOffice.org memory overwrite vulnerability
- CVE-2012-2334: Vulnerabilities related to
malformed Powerpoint files in OpenOffice.org 3.3.0
Patches for OpenOffice.org 3.3
Fixed in OpenOffice.org 3.3
Fixed in OpenOffice.org 3.2.1
- CVE-2009-3555: OpenOffice.org 2
and 3 may be affected by the TLS/SSL Renegotiation Issue in 3rd Party Libraries
- CVE-2010-0395: Security vulnerability
in OpenOffice.org related to python scripting
Fixed in OpenOffice.org 3.2
- CVE-2006-4339: Potential
vulnerability from 3rd party libxml2 libraries
- CVE-2009-0217: Potential
vulnerability from 3rd party libxmlsec libraries
- CVE-2009-2493: OpenOffice.org 3
for Windows bundles a vulnerable version of MSVC Runtime
- CVE-2009-2949: Potential
vulnerability related to XPM file processing
- CVE-2009-2950: Potential
vulnerability related to GIF file processing
- CVE-2009-3301/2: Potential
vulnerability related to MS-Word document processing
Fixed in OpenOffice.org 3.1.1
Fixed in OpenOffice.org 3.1
- No security vulnerabilities fixed in this release
Fixed in OpenOffice.org 3.0.1
- No security vulnerabilities fixed in this release
Fixed in OpenOffice.org 3.0
- No security vulnerabilities fixed in this release
Fixed in OpenOffice.org 2.4.3
Fixed in OpenOffice.org 2.4.2
- CVE-2008-2237: Manipulated WMF
files can lead to heap overflows and arbitrary code execution
- CVE-2008-2238: Manipulated EMF
files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.4.1
- CVE-2008-2152: Different kinds
of manipulated files may lead to heap overflows and arbitrary code
execution
Fixed in OpenOffice.org 2.4
- CVE-2007-4770/4771: Manipulated
ODF text documents containing XForms can lead to heap overflows and
arbitrary code execution
- CVE-2007-5745/5747: Manipulated
Quattro Pro files can lead to heap overflows and arbitrary code
execution
- CVE-2007-5746: Manipulated EMF
files can lead to heap overflows and arbitrary code execution
- CVE-2008-0320: Manipulated OLE
files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.3.1
- CVE-2007-4575: Potential
arbitrary code execution vulnerability in 3rd party module (HSQLDB)
Fixed in OpenOffice.org 2.3
- CVE-2007-2834: Manipulated TIFF
files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.2.1
- CVE-2007-2754: Integer overflow
and heap-based buffer overflow vulnerability in 3rd party module
(freetype)
- CVE-2007-0245: Manipulated RTF
files can lead to heap overflows and arbitrary code execution
Fixed in OpenOffice.org 2.2
Fixed in OpenOffice.org 2.1
Fixed in OpenOffice.org 2.0.3
Security Home ->
Bulletin