- Home
- CVEs with nessus.description==It+was+discovered+that+the+XML+HMAC+signature+system+did+not+correctly+check+certain+lengths.+If+an+attacker+sent+a+truncated+HMAC%2C+it+could+bypass+authentication%2C+leading+to+potential+privilege+escalation.%0A%28CVE-2009-0217%29%0A%0ASebastian+Apelt+and+Frank+Reissner+discovered+that+OpenOffice+did+not+correctly+import+XPM+and+GIF+images.+If+a+user+were+tricked+into+opening+a+specially+crafted+image%2C+an+attacker+could+execute+arbitrary+code+with+user+privileges.+%28CVE-2009-2949%2C+CVE-2009-2950%29%0A%0ANicolas+Joly+discovered+that+OpenOffice+did+not+correctly+handle+certain+Word+documents.+If+a+user+were+tricked+into+opening+a+specially+crafted+document%2C+an+attacker+could+execute+arbitrary+code+with+user+privileges.+%28CVE-2009-3301%2C+CVE-2009-3302%29%0A%0AIt+was+discovered+that+OpenOffice+did+not+correctly+handle+certain+VBA+macros+correctly.+If+a+user+were+tricked+into+opening+a+specially+crafted+document%2C+an+attacker+could+execute+arbitrary+macro+commands%2C+bypassing+security+controls.+%28CVE-2010-0136%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+Ubuntu+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top