Caolanm

#12013de 53,630
22.8CVSS total
Vulnerabilidades · 3
Média
1
Alta
2
PT-2026-6642
5.3
2026-02-05
Collabora · Collabora Online Development Edition · CVE-2026-23623
**Name of the Vulnerable Software and Affected Versions** Collabora Online versions prior to 23.05.20.1 Collabora Online versions prior to 24.04.17.3 Collabora Online versions prior to 25.04.7.5 Collabora Online Development Edition versions prior to 25.04.08.2 **Description** Collabora Online is a collaborative online office suite based on LibreOffice technology. A user with view-only rights and no download privileges can obtain a local copy of a shared file. Pressing Ctrl+Shift+S initiates the file download process, bypassing access restrictions and leading to unauthorized data retrieval. **Recommendations** Update Collabora Online to version 23.05.20.1 or later. Update Collabora Online to version 24.04.17.3 or later. Update Collabora Online to version 25.04.7.5 or later. Update Collabora Online Development Edition to version 25.04.08.2 or later.
PT-2024-27470
8.2
2024-08-23
Collabora · Collabora Online · CVE-2024-37311
**Nome do software vulnerável e versões afetadas** Versões do Collabora Online anteriores à 22.05.23.1 Versões do Collabora Online anteriores à 23.05.14.1 Versões do Collabora Online anteriores à 24.04.4.3 **Descrição** Nas versões afetadas do Collabora Online, um pacote de escritório colaborativo online baseado no LibreOffice, as conexões https do coolwsd para outros hosts podem verificar de forma incompleta o certificado do host remoto em relação à cadeia de confiança completa. **Recomendações** Para versões anteriores à 22.05.23.1, atualize para a versão 22.05.23.1 ou posterior. Para versões anteriores à 23.05.14.1, atualize para a versão 23.05.14.1 ou posterior. Para versões anteriores à 24.04.4.3, atualize para a versão 24.04.4.3 ou posterior.
PT-2006-6540
9.3
2006-12-31
Oracle · Openoffice.Org · CVE-2006-5870
**Name of the Vulnerable Software and Affected Versions** OpenOffice.org versions prior to 2.1.0 StarOffice versions 6 through 8 **Description** The issue is related to multiple integer overflows that allow user-assisted remote attackers to execute arbitrary code. This can be achieved via crafted WMF or EMF files that trigger heap-based buffer overflows in specific files, including `wmf/winwmf.cxx` during processing of META ESCAPE records, and `wmf/enhwmf.cxx` during processing of `EMR POLYPOLYGON` and `EMR POLYPOLYGON16` records. **Recommendations** For OpenOffice.org versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue. For StarOffice versions 6 through 8, update to a version later than 8 to resolve the issue. As a temporary workaround, consider avoiding the use of WMF and EMF files in OpenOffice.org and StarOffice until a patch is available.