Sun Openoffice.Org vulnerabilities

CVE-2011-2713 [MEDIUM] CWE-119 CVE-2011-2713: oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.

CVE-2009-2139 [CRITICAL] CVE-2009-2139: Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3 Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238.

CVE-2009-2416 [MEDIUM] CWE-416 CVE-2009-2416: Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and l Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.

CVE-2007-5747 [MEDIUM] CWE-189 CVE-2007-5747: Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.