This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Kde First view 2005-01-27
Product Koffice Last view 2012-08-20
Version 1.3_beta3 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:kde:koffice

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2012-08-20 CVE-2012-3455

Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase.
7.5 2005-10-20 CVE-2005-2971

Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
10 2005-01-27 CVE-2004-0889

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
10 2005-01-27 CVE-2004-0888

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
44330 CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow
19909 KOffice KWord RTF Importer Overflow
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
13149 Xpdf Multiple Unspecified Remote Overflows
11034 Xpdf Page Size Remote Overflow
11033 Xpdf indexHigh Color Size Remote Overflow

OpenVAS Exploits

id Description
2012-08-30 Name : FreeBSD Ports: koffice
File : nvt/freebsd_koffice0.nasl
2012-08-14 Name : Ubuntu Update for koffice USN-1526-1
File : nvt/gb_ubuntu_USN_1526_1.nasl
2012-08-14 Name : Fedora Update for koffice FEDORA-2012-11546
File : nvt/gb_fedora_2012_11546_koffice_fc16.nasl
2009-10-10 Name : SLES9: Security update for CUPS
File : nvt/sles9p5014529.nasl
2009-03-06 Name : RedHat Update for cups RHSA-2008:0206-01
File : nvt/gb_RHSA-2008_0206-01_cups.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 i386
File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 i386
File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-20 (Xpdf)
File : nvt/glsa_200410_20.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-30 (GPdf)
File : nvt/glsa_200410_30.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-30 (pdftohtml)
File : nvt/glsa_200411_30.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200501-31 (teTeX)
File : nvt/glsa_200501_31.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200510-12 (koffice, kword)
File : nvt/glsa_200510_12.nasl
2008-09-04 Name : FreeBSD Ports: gpdf, cups-base
File : nvt/freebsd_gpdf.nasl
2008-01-17 Name : Debian Security Advisory DSA 573-1 (cupsys)
File : nvt/deb_573_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 872-1 (koffice)
File : nvt/deb_872_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 599-1 (tetex-bin)
File : nvt/deb_599_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 581-1 (xpdf)
File : nvt/deb_581_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2005-310-02 KOffice/KWord
File : nvt/esoft_slk_ssa_2005_310_02.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-532.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-08-27 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_aa4d3d73ef1711e1b59300269ef07d24.nasl - Type: ACT_GATHER_INFO
2012-08-14 Name: The remote Fedora host is missing a security update.
File: fedora_2012-11546.nasl - Type: ACT_GATHER_INFO
2012-08-10 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1526-1.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-872.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-354.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-9-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-202-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-14-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-185.nasl - Type: ACT_GATHER_INFO
2005-11-07 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2005-310-02.nasl - Type: ACT_GATHER_INFO
2005-10-19 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-984.nasl - Type: ACT_GATHER_INFO
2005-10-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200510-12.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_ad2f333726bf11d99289000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2005-04-02 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-354.nasl - Type: ACT_GATHER_INFO