- Home
- CVEs with nessus.description==Loading malformed XML documents can cause buffer overflows in
OpenOffice.org, a free office suite, and cause a denial of service or
execute arbitrary code. It turned out that the correction in DSA
1104-1 was not sufficient, hence, another update. For completeness
please find the original advisory text below :
Several vulnerabilities have been discovered in OpenOffice.org, a
free office suite. The Common Vulnerabilities and Exposures Project
identifies the following problems :
- CVE-2006-2198
It turned out to be possible to embed arbitrary BASIC
macros in documents in a way that OpenOffice.org does
not see them but executes them anyway without any user
interaction.
- CVE-2006-2199
It is possible to evade the Java sandbox with
specially crafted Java applets.
- CVE-2006-3117
Loading malformed XML documents can cause buffer
overflows and cause a denial of service or execute
arbitrary code.
This update has the Mozilla component disabled, so that the
Mozilla/LDAP addressbook feature won't work anymore. It didn't work
on anything else than i386 on sarge either
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top