Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2006-AVI-271
Vulnerability from certfr_avis
Plusieurs vulnérabilités sont présentes dans OpenOffice. Ces vulnérabilités peuvent être utilisées par un utilisateurs mal intentionné pour exécuter du code arbitraire sur le système ou réaliser un déni de service.
Description
- Une vulnérabilité est présente dans le traitement de certaines applet java dans les documents OpenOffice. Cette vulnérabilité peut être exploitée pour coutourner le « bac à sable » de la machine java et obtenir les privilèges de l'utilisateur sur le système.
- Une seconde vulnérabilité existe dans le traitement des macros embarquées dans les documents OpenOffice. Cette vulnérabilité peut être utilisée pour faire exécuter du code malveillant à l'ouverture d'une document habilement construit.
- Une troisième vulnérabilité existe dans le traitement des documents XML. Cette vulnérabilité de type débordement de mémoire peut être exploitée pour exécuter du code arbitraire sur le système.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| OpenOffice | N/A | OpenOffice 1.1.x ; | ||
| OpenOffice | N/A | OpenOffice.org 2.x. |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OpenOffice 1.1.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "OpenOffice",
"scada": false
}
}
},
{
"description": "OpenOffice.org 2.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "OpenOffice",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\n- Une vuln\u00e9rabilit\u00e9 est pr\u00e9sente dans le traitement de certaines\n applet java dans les documents OpenOffice. Cette vuln\u00e9rabilit\u00e9 peut\n \u00eatre exploit\u00e9e pour coutourner le \u00ab bac \u00e0 sable \u00bb de la machine java\n et obtenir les privil\u00e8ges de l\u0027utilisateur sur le syst\u00e8me.\n- Une seconde vuln\u00e9rabilit\u00e9 existe dans le traitement des macros\n embarqu\u00e9es dans les documents OpenOffice. Cette vuln\u00e9rabilit\u00e9 peut\n \u00eatre utilis\u00e9e pour faire ex\u00e9cuter du code malveillant \u00e0 l\u0027ouverture\n d\u0027une document habilement construit.\n- Une troisi\u00e8me vuln\u00e9rabilit\u00e9 existe dans le traitement des documents\n XML. Cette vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire peut \u00eatre\n exploit\u00e9e pour ex\u00e9cuter du code arbitraire sur le syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-2198",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2198"
},
{
"name": "CVE-2006-3117",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3117"
},
{
"name": "CVE-2006-2199",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2199"
}
],
"initial_release_date": "2006-06-30T00:00:00",
"last_revision_date": "2006-08-04T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1104 du 30 juin 2006 :",
"url": "http://www.us.debian.org/security/dsa-1104"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-313-2 du 19 juillet 2006 :",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Suse du 03 juillet 2006 :",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jul/0003.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:118 du 07 juillet 2006 :",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2006-0573 du 03 juillet 2006 :",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0573.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-313-1 du 11 juillet 2006 :",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200607-12 du 28 juillet 2006 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200607-12.xml"
}
],
"reference": "CERTA-2006-AVI-271",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-06-30T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Red Hat, Debian et Suse.",
"revision_date": "2006-07-06T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 d\u0027Ubuntu.",
"revision_date": "2006-07-13T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, Mandriva et Ubuntu.",
"revision_date": "2006-08-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans OpenOffice. Ces\nvuln\u00e9rabilit\u00e9s peuvent \u00eatre utilis\u00e9es par un utilisateurs mal\nintentionn\u00e9 pour ex\u00e9cuter du code arbitraire sur le syst\u00e8me ou r\u00e9aliser\nun d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s sur OpenOffice",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice",
"url": "http://www.openoffice.org/security/bulletin-20060629.html"
}
]
}
CVE-2006-2198 (GCVE-0-2006-2198)
Vulnerability from cvelistv5
Published
2006-06-30 18:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:27.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "openoffice-macro-code-execution(27564)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "102490",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "18738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18738"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"name": "VU#170113",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"name": "oval:org.mitre.oval:def:11082",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "openoffice-macro-code-execution(27564)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "102490",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "18738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18738"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"name": "VU#170113",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"name": "oval:org.mitre.oval:def:11082",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-2198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "https://issues.rpath.com/browse/RPL-475",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "http://www.openoffice.org/security/CVE-2006-2199.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "openoffice-macro-code-execution(27564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27564"
},
{
"name": "ADV-2006-2621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "102490",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1"
},
{
"name": "22129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "18738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18738"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2607"
},
{
"name": "VU#170113",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/170113"
},
{
"name": "oval:org.mitre.oval:def:11082",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-2198",
"datePublished": "2006-06-30T18:00:00",
"dateReserved": "2006-05-04T00:00:00",
"dateUpdated": "2024-08-07T17:43:27.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2199 (GCVE-0-2006-2199)
Vulnerability from cvelistv5
Published
2006-06-30 18:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:28.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "102475",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "oval:org.mitre.oval:def:11338",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "VU#243681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "openoffice-applet-sandbox-bypass(27569)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"name": "18737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18737"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "102475",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "oval:org.mitre.oval:def:11338",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "VU#243681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "openoffice-applet-sandbox-bypass(27569)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"name": "18737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18737"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-2199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "USN-313-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "102475",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1"
},
{
"name": "https://issues.rpath.com/browse/RPL-475",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "http://www.openoffice.org/security/CVE-2006-2199.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/CVE-2006-2199.html"
},
{
"name": "20893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "oval:org.mitre.oval:def:11338",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21278"
},
{
"name": "20910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20911"
},
{
"name": "1016414",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "VU#243681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/243681"
},
{
"name": "RHSA-2006:0573",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "openoffice-applet-sandbox-bypass(27569)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27569"
},
{
"name": "18737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18737"
},
{
"name": "SUSE-SA:2006:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-2199",
"datePublished": "2006-06-30T18:00:00",
"dateReserved": "2006-05-04T00:00:00",
"dateUpdated": "2024-08-07T17:43:28.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3117 (GCVE-0-2006-3117)
Vulnerability from cvelistv5
Published
2006-06-30 18:00
Modified
2024-08-07 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "102501",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "openoffice-xml-document-bo(27571)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21278"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"name": "18739",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18739"
},
{
"name": "oval:org.mitre.oval:def:9704",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka \"File Format / Buffer Overflow Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-1104",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "102501",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"name": "USN-313-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "openoffice-xml-document-bo(27571)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "20893",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "22129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21278"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"name": "18739",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18739"
},
{
"name": "oval:org.mitre.oval:def:9704",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"name": "20910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"name": "1016414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-3117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka \"File Format / Buffer Overflow Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1104",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1104"
},
{
"name": "102501",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
},
{
"name": "USN-313-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-1"
},
{
"name": "openoffice-xml-document-bo(27571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
},
{
"name": "https://issues.rpath.com/browse/RPL-475",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-475"
},
{
"name": "20893",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20893"
},
{
"name": "GLSA-200607-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
},
{
"name": "ADV-2006-2621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2621"
},
{
"name": "22129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22129"
},
{
"name": "20060926 rPSA-2006-0173-1 openoffice.org",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
},
{
"name": "20975",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20975"
},
{
"name": "20867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20867"
},
{
"name": "21278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21278"
},
{
"name": "http://www.ngssoftware.com/advisories/openoffice.txt",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/openoffice.txt"
},
{
"name": "18739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18739"
},
{
"name": "oval:org.mitre.oval:def:9704",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
},
{
"name": "20910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20910"
},
{
"name": "FEDORA-2007-005",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2343"
},
{
"name": "MDKSA-2006:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
},
{
"name": "20995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20995"
},
{
"name": "20911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20911"
},
{
"name": "http://www.openoffice.org/security/CVE-2006-3117.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/CVE-2006-3117.html"
},
{
"name": "1016414",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016414"
},
{
"name": "23620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23620"
},
{
"name": "RHSA-2006:0573",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
},
{
"name": "SUSE-SA:2006:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
},
{
"name": "20913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20913"
},
{
"name": "USN-313-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-313-2"
},
{
"name": "ADV-2006-2607",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-3117",
"datePublished": "2006-06-30T18:00:00",
"dateReserved": "2006-06-21T00:00:00",
"dateUpdated": "2024-08-07T18:16:05.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…