CVE-2006-2199 | Vulnerability Database | Aqua Security

Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.

Affected Software

Name	Vendor	Start Version	End Version
Openoffice	Openoffice	1.1.0 (including)	1.1.0 (including)
Openoffice	Openoffice	1.1.1 (including)	1.1.1 (including)
Openoffice	Openoffice	1.1.2 (including)	1.1.2 (including)
Openoffice	Openoffice	1.1.3 (including)	1.1.3 (including)
Openoffice	Openoffice	1.1.4 (including)	1.1.4 (including)
Openoffice	Openoffice	1.1.5 (including)	1.1.5 (including)
Openoffice	Openoffice	2.0.0 (including)	2.0.0 (including)
Openoffice	Openoffice	2.0.1 (including)	2.0.1 (including)
Openoffice	Openoffice	2.0.2 (including)	2.0.2 (including)
Staroffice	Sun	6.0 (including)	6.0 (including)
Staroffice	Sun	7.0 (including)	7.0 (including)
Staroffice	Sun	8.0 (including)	8.0 (including)

References

http://fedoranews.org/cms/node/2343
http://secunia.com/advisories/20867
http://secunia.com/advisories/20893
http://secunia.com/advisories/20910
http://secunia.com/advisories/20911
http://secunia.com/advisories/20913
http://secunia.com/advisories/20975
http://secunia.com/advisories/20995
http://secunia.com/advisories/21278
http://secunia.com/advisories/23620
http://security.gentoo.org/glsa/glsa-200607-12.xml
http://securitytracker.com/id?1016414
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1
http://www.debian.org/security/2006/dsa-1104
http://www.kb.cert.org/vuls/id/243681
http://www.mandriva.com/security/advisories?name=MDKSA-2006:118
http://www.novell.com/linux/security/advisories/2006_40_openoffice.html
http://www.openoffice.org/security/CVE-2006-2199.html
http://www.redhat.com/support/errata/RHSA-2006-0573.html
http://www.securityfocus.com/archive/1/447035/100/0/threaded
http://www.securityfocus.com/bid/18737
http://www.ubuntu.com/usn/usn-313-1
http://www.ubuntu.com/usn/usn-313-2
http://www.vupen.com/english/advisories/2006/2607
http://www.vupen.com/english/advisories/2006/2621
https://exchange.xforce.ibmcloud.com/vulnerabilities/27569
https://issues.rpath.com/browse/RPL-475
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11338

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2199
CWE	https://cwe.mitre.org/data/definitions/.html