Sun Staroffice vulnerabilities

CVE-2007-2834 [CRITICAL] CWE-190 CVE-2007-2834: Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

CVE-2006-5870 [CRITICAL] CWE-189 CVE-2006-5870: Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions be Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and

CVE-2006-2199 [HIGH] CVE-2006-2199: Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2 Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.

CVE-2006-2198 [HIGH] CWE-264 CVE-2006-2198: OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attack OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.

CVE-2006-3117 [HIGH] CWE-119 CVE-2006-3117: Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0 Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."

CVE-2000-1156 [LOW] CVE-2000-1156: StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directo StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.

CVE-2000-0291 [MEDIUM] CVE-2000-0291: Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.

CVE-2000-0175 [CRITICAL] CVE-2000-0175: Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access v Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.

CVE-2000-0174 [MEDIUM] CVE-2000-0174: StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot do StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.