Staroffice

staroffice

Vendor: Sun • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-2834 4Apache CanonicalDebian+1 more 5Debian Linux OpenofficeStaroffice+2 more Apr 23, 2026 Sep 18, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of un...Show more Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.Show less
CVE-2006-5870 2Openoffice Sun 2Openoffice Staroffice Apr 23, 2026 Dec 31, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a)...Show more Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.Show less
CVE-2006-5201 1Sun 9Jdk JreJsse+6 more Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5...Show more Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.Show less
CVE-2006-3117 2Openoffice Sun 2Openoffice Staroffice Apr 16, 2026 Jun 30, 2006 N/A· v4 N/A· v3 7.6 HIGH· v2 Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly h...Show more Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."Show less
CVE-2006-2199 2Openoffice Sun 2Openoffice Staroffice Apr 16, 2026 Jun 30, 2006 N/A· v4 N/A· v3 7.6 HIGH· v2 Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via cert...Show more Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.Show less
CVE-2006-2198 2Openoffice Sun 2Openoffice Staroffice Apr 16, 2026 Jun 30, 2006 N/A· v4 N/A· v3 7.6 HIGH· v2 OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed withou...Show more OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.Show less
CVE-2000-1156 1Sun 1Staroffice Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 3.6 LOW· v2 StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
CVE-2000-0291 1Sun 1Staroffice Apr 16, 2026 Apr 16, 2000 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.
CVE-2000-0175 1Sun 1Staroffice Apr 16, 2026 Mar 9, 2000 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
CVE-2000-0174 1Sun 1Staroffice Apr 16, 2026 Mar 9, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.