本ページは sun staroffice に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2007-2834 | Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow. | [email protected] | 9.3 | 11.32% | 2007-09-18 | 2026-06-16 |
| CVE-2006-5870 | Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records. | [email protected] | 9.3 | 8.24% | 2006-12-31 | 2026-06-16 |
| CVE-2006-5201 | Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying | [email protected] | 4.0 | 3.05% | 2006-10-10 | 2026-06-16 |
| CVE-2006-3117 | Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." | [email protected] | 7.6 | 4.27% | 2006-06-30 | 2026-06-16 |
| CVE-2006-2199 | Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. | [email protected] | 7.6 | 3.34% | 2006-06-30 | 2026-06-16 |
| CVE-2006-2198 | OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. | [email protected] | 7.6 | 3.34% | 2006-06-30 | 2026-06-16 |
| CVE-2000-1156 | StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice. | [email protected] | 3.6 | 0.45% | 2001-01-09 | 2026-06-16 |
| CVE-2000-0291 | Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. | [email protected] | 4.6 | 0.45% | 2000-04-16 | 2026-06-16 |
| CVE-2000-0175 | Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. | [email protected] | 10.0 | 2.42% | 2000-03-09 | 2026-06-16 |
| CVE-2000-0174 | StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | [email protected] | 5.0 | 5.92% | 2000-03-09 | 2026-06-16 |