{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37043?format=json","vulnerability_id":"VCID-vrpb-u4tv-sqdj","summary":"Multiple vulnerabilities have been reported in OpenOffice.org, possibly\n    allowing for user-assisted execution of arbitrary code.","aliases":[{"alias":"CVE-2008-0320"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74574?format=json","purl":"pkg:ebuild/app-office/openoffice@2.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-office/openoffice@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/74575?format=json","purl":"pkg:ebuild/app-office/openoffice-bin@2.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-office/openoffice-bin@2.4.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/129320?format=json","purl":"pkg:rpm/redhat/openoffice.org@1.1.2-41.2.0?arch=EL3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-abwq-d34g-6fax"},{"vulnerability":"VCID-vrpb-u4tv-sqdj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openoffice.org@1.1.2-41.2.0%3Farch=EL3"},{"url":"http://public2.vulnerablecode.io/api/packages/129321?format=json","purl":"pkg:rpm/redhat/openoffice.org@1.1.5-10.6.0.3?arch=EL4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-abwq-d34g-6fax"},{"vulnerability":"VCID-vrpb-u4tv-sqdj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openoffice.org@1.1.5-10.6.0.3%3Farch=EL4"},{"url":"http://public2.vulnerablecode.io/api/packages/129322?format=json","purl":"pkg:rpm/redhat/openoffice.org@1:2.0.4-5.4?arch=26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-abwq-d34g-6fax"},{"vulnerability":"VCID-qy36-h4j1-rbez"},{"vulnerability":"VCID-vk6b-52uj-z7he"},{"vulnerability":"VCID-vrpb-u4tv-sqdj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openoffice.org@1:2.0.4-5.4%3Farch=26"},{"url":"http://public2.vulnerablecode.io/api/packages/129319?format=json","purl":"pkg:rpm/redhat/openoffice.org2@1:2.0.4-5.7.0.4?arch=0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-abwq-d34g-6fax"},{"vulnerability":"VCID-qy36-h4j1-rbez"},{"vulnerability":"VCID-vk6b-52uj-z7he"},{"vulnerability":"VCID-vrpb-u4tv-sqdj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openoffice.org2@1:2.0.4-5.7.0.4%3Farch=0"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0320.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0320","reference_id":"","reference_type":"","scores":[{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99198","published_at":"2026-04-01T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99203","published_at":"2026-04-04T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99206","published_at":"2026-04-07T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99207","published_at":"2026-04-13T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99208","published_at":"2026-04-16T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.9921","published_at":"2026-04-21T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99212","published_at":"2026-04-26T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99215","published_at":"2026-05-05T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99216","published_at":"2026-05-07T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99217","published_at":"2026-05-09T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.99218","published_at":"2026-05-11T12:55:00Z"},{"value":"0.82","scoring_system":"epss","scoring_elements":"0.9922","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=435676","reference_id":"435676","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=435676"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18923.rb","reference_id":"CVE-2008-0320;OSVDB-44472","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18923.rb"},{"reference_url":"https://security.gentoo.org/glsa/200805-16","reference_id":"GLSA-200805-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200805-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0175","reference_id":"RHSA-2008:0175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0176","reference_id":"RHSA-2008:0176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0176"},{"reference_url":"https://usn.ubuntu.com/609-1/","reference_id":"USN-609-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/609-1/"}],"weaknesses":[],"exploits":[{"date_added":null,"description":"This module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on\n          Microsoft Windows XP SP3.\n\n          By supplying a OLE file with a malformed DocumentSummaryInformation stream, an\n          attacker can gain control of the execution flow, which results arbitrary code\n          execution under the context of the user.","required_action":null,"due_date":null,"notes":"Reliability:\n  - unknown-reliability\nStability:\n  - unknown-stability\nSideEffects:\n  - unknown-side-effects\n","known_ransomware_campaign_use":false,"source_date_published":"2008-04-17","exploit_type":null,"platform":"Windows","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/openoffice_ole.rb"},{"date_added":"2012-05-25","description":"OpenOffice - OLE Importer DocumentSummaryInformation Stream Handling Overflow (Metasploit)","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2012-05-25","exploit_type":"local","platform":"windows","source_date_updated":"2012-05-25","data_source":"Exploit-DB","source_url":""}],"severity_range_score":null,"exploitability":"2.0","weighted_severity":"0.7","risk_score":1.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrpb-u4tv-sqdj"}