FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351938
Date:      2014-04-23
Time:      13:36:36Z
Committer: lwhsu

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b206dd82-ac67-11d9-a788-0001020eed82openoffice -- DOC document heap overflow vulnerability

AD-LAB reports that a heap-based buffer overflow vulnerability exists in OpenOffice's handling of DOC documents. When reading a DOC document 16 bit from a 32 bit integer is used for memory allocation, but the full 32 bit is used for further processing of the document. This can allow an attacker to crash OpenOffice, or potentially execute arbitrary code as the user running OpenOffice, by tricking an user into opening a specially crafted DOC document.


Discovery 2005-04-11
Entry 2005-04-13
Modified 2005-04-20
openoffice
ar-openoffice
ca-openoffice
cs-openoffice
de-openoffice
dk-openoffice
el-openoffice
es-openoffice
et-openoffice
fi-openoffice
fr-openoffice
gr-openoffice
hu-openoffice
it-openoffice
ja-openoffice
ko-openoffice
nl-openoffice
pl-openoffice
pt-openoffice
pt_BR-openoffice
ru-openoffice
se-openoffice
sk-openoffice
sl-openoffice-SI
tr-openoffice
zh-openoffice-CN
zh-openoffice-TW
jp-openoffice
kr-openoffice
sl-openoffice-SL
zh-openoffice
zh_TW-openoffice
lt 1.1.4_2

gt 2.* le 2.0.20050406

openoffice
ja-openoffice
ge 6.0.a609 le 6.0.a638

ge 641c le 645

eq 1.1RC4

eq 1.1rc5

13092
CVE-2005-0941
http://marc.theaimsgroup.com/?l=bugtraq&m=111325305109137
http://www.openoffice.org/issues/show_bug.cgi?id=46388
c62dc69f-05c8-11d9-b45d-000c41e2cdadopenoffice -- document disclosure

OpenOffice creates a working directory in /tmp on startup, and uses this directory to temporarily store document content. However, the permissions of the created directory may allow other user on the system to read these files, potentially exposing information the user likely assumed was inaccessible.


Discovery 2004-08-24
Entry 2004-09-14
openoffice
ar-openoffice
ca-openoffice
cs-openoffice
de-openoffice
dk-openoffice
el-openoffice
es-openoffice
et-openoffice
fi-openoffice
fr-openoffice
gr-openoffice
hu-openoffice
it-openoffice
ja-openoffice
ko-openoffice
nl-openoffice
pl-openoffice
pt-openoffice
pt_BR-openoffice
ru-openoffice
se-openoffice
sk-openoffice
sl-openoffice-SI
tr-openoffice
zh-openoffice-CN
zh-openoffice-TW
lt 1.1.2_1

ge 2.0

CVE-2004-0752
http://www.openoffice.org/issues/show_bug.cgi?id=33357
http://securitytracker.com/alerts/2004/Sep/1011205.html
http://marc.theaimsgroup.com/?l=bugtraq&m=109483308421566
b206dd82-ac67-11d9-a788-0001020eed82openoffice -- DOC document heap overflow vulnerability

AD-LAB reports that a heap-based buffer overflow vulnerability exists in OpenOffice's handling of DOC documents. When reading a DOC document 16 bit from a 32 bit integer is used for memory allocation, but the full 32 bit is used for further processing of the document. This can allow an attacker to crash OpenOffice, or potentially execute arbitrary code as the user running OpenOffice, by tricking an user into opening a specially crafted DOC document.


Discovery 2005-04-11
Entry 2005-04-13
Modified 2005-04-20
openoffice
ar-openoffice
ca-openoffice
cs-openoffice
de-openoffice
dk-openoffice
el-openoffice
es-openoffice
et-openoffice
fi-openoffice
fr-openoffice
gr-openoffice
hu-openoffice
it-openoffice
ja-openoffice
ko-openoffice
nl-openoffice
pl-openoffice
pt-openoffice
pt_BR-openoffice
ru-openoffice
se-openoffice
sk-openoffice
sl-openoffice-SI
tr-openoffice
zh-openoffice-CN
zh-openoffice-TW
jp-openoffice
kr-openoffice
sl-openoffice-SL
zh-openoffice
zh_TW-openoffice
lt 1.1.4_2

gt 2.* le 2.0.20050406

openoffice
ja-openoffice
ge 6.0.a609 le 6.0.a638

ge 641c le 645

eq 1.1RC4

eq 1.1rc5

13092
CVE-2005-0941
http://marc.theaimsgroup.com/?l=bugtraq&m=111325305109137
http://www.openoffice.org/issues/show_bug.cgi?id=46388
c62dc69f-05c8-11d9-b45d-000c41e2cdadopenoffice -- document disclosure

OpenOffice creates a working directory in /tmp on startup, and uses this directory to temporarily store document content. However, the permissions of the created directory may allow other user on the system to read these files, potentially exposing information the user likely assumed was inaccessible.


Discovery 2004-08-24
Entry 2004-09-14
openoffice
ar-openoffice
ca-openoffice
cs-openoffice
de-openoffice
dk-openoffice
el-openoffice
es-openoffice
et-openoffice
fi-openoffice
fr-openoffice
gr-openoffice
hu-openoffice
it-openoffice
ja-openoffice
ko-openoffice
nl-openoffice
pl-openoffice
pt-openoffice
pt_BR-openoffice
ru-openoffice
se-openoffice
sk-openoffice
sl-openoffice-SI
tr-openoffice
zh-openoffice-CN
zh-openoffice-TW
lt 1.1.2_1

ge 2.0

CVE-2004-0752
http://www.openoffice.org/issues/show_bug.cgi?id=33357
http://securitytracker.com/alerts/2004/Sep/1011205.html
http://marc.theaimsgroup.com/?l=bugtraq&m=109483308421566