CVE-2006-2198

Published: Jun 30, 2006Modified: Apr 16, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.

Affected (24)

Products: Openoffice: Openoffice · Sun: Staroffice

1 product

1 product

Configuration A

24 vulnerable

Vulnerable Software	Affected Versions
Openoffice Openoffice	Version 1.1.0
Openoffice Openoffice	Version 1.1.1
Openoffice Openoffice	Version 1.1.1a
Openoffice Openoffice	Version 1.1.1b
Openoffice Openoffice	Version 1.1.2
Openoffice Openoffice	Version 1.1.3
Openoffice Openoffice	Version 1.1.4
Openoffice Openoffice	Version 1.1.5
Openoffice Openoffice	Version 2.0.0
Openoffice Openoffice	Version 2.0.0_rc1
Openoffice Openoffice	Version 2.0.0_rc2
Openoffice Openoffice	Version 2.0.0_rc3
Openoffice Openoffice	Version 2.0.1
Openoffice Openoffice	Version 2.0.2
Openoffice Openoffice	Version 2.0.2_rc1
Openoffice Openoffice	Version 2.0.2_rc2
Openoffice Openoffice	Version 2.0.2_rc3
Openoffice Openoffice	Version 2.0.2_rc4
Openoffice Openoffice	Version 2.0.3_rc3
Openoffice Openoffice	Version 2.0.3_rc4
Openoffice Openoffice	Version 2.0.3_rc5
Openoffice Openoffice	Version 2.0.3_rc6
Sun Staroffice	Version 7.0
Sun Staroffice	Version 8.0

Related CWEs

CWE-264

References (58)

http://fedoranews.org/cms/node/2343

Source: security@debian.org

http://secunia.com/advisories/20867

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/20893

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/20910

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/20911

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/20913

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/20975

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/20995

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/21278

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/22129

Source: security@debian.org

Vendor Advisory

http://secunia.com/advisories/23620

Source: security@debian.org

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200607-12.xml

Source: security@debian.org

http://securitytracker.com/id?1016414

Source: security@debian.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1

Source: security@debian.org

Patch

http://www.debian.org/security/2006/dsa-1104

Source: security@debian.org

http://www.kb.cert.org/vuls/id/170113

Source: security@debian.org

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2006:118

Source: security@debian.org

http://www.novell.com/linux/security/advisories/2006_40_openoffice.html

Source: security@debian.org

http://www.openoffice.org/security/CVE-2006-2199.html

Source: security@debian.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2006-0573.html

Source: security@debian.org

http://www.securityfocus.com/archive/1/447035/100/0/threaded

Source: security@debian.org

http://www.securityfocus.com/bid/18738

Source: security@debian.org

http://www.ubuntu.com/usn/usn-313-1

Source: security@debian.org

http://www.ubuntu.com/usn/usn-313-2

Source: security@debian.org

http://www.vupen.com/english/advisories/2006/2607

Source: security@debian.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/2621

Source: security@debian.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27564

Source: security@debian.org

https://issues.rpath.com/browse/RPL-475

Source: security@debian.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11082

Source: security@debian.org

http://fedoranews.org/cms/node/2343