The Apache OpenOffice Project reports:
A vulnerability in OpenOffice settings of OpenDocument Format
files and templates allows silent access to files that are
readable from an user account, over-riding the user's default
configuration settings. Once these files are imported into a
maliciously-crafted document, the data can be silently hidden
in the document and possibly exported to an external party
without being observed.
The Apache OpenOffice Project reports:
A crafted ODF document can be used to create a buffer that is
too small for the amount of data loaded into it, allowing an
attacker to cause denial of service (memory corruption and
application crash) and possible execution of arbitrary code.
The Apache OpenOffice Project reports:
A crafted Microsoft Word DOC file can be used to specify a
document buffer that is too small for the amount of data
provided for it. Failure to detect the discrepancy allows an
attacker to cause denial of service (memory corruption and
application crash) and possible execution of arbitrary code.
The Apache OpenOffice Project reports:
A crafted Microsoft Word DOC can contain invalid bookmark
positions leading to memory corruption when the document is
loaded or bookmarks are manipulated. The defect allows an
attacker to cause denial of service (memory corruption and
application crash) and possible execution of arbitrary code.