CVE-2010-3454

CWE-1936 documents6 sources
Severity
9.3CRITICAL
EPSS
8.6%
top 7.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apache OpenofficeCanonical Ubuntu LinuxDebian Debian Linux
Timeline
PublishedJan 28
Latest updateMay 13

Description

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapache/openoffice2.0.03.3.0

Also affects: Debian Linux 5.0, 6.0, Ubuntu Linux 10.04, 10.10, 8.04, 9.10

🔴Vulnerability Details

2
GHSA
GHSA-mc4g-xgv8-54r7: Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice2022-05-13
CVEList
CVE-2010-3454: Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice2011-01-28

📋Vendor Advisories

2
Ubuntu
OpenOffice.org vulnerabilities2011-02-02
Red Hat
OpenOffice.org: Array index error by scanning document typography information of certain *.doc files2011-01-26

💬Community

1
Bugzilla
CVE-2010-3454 OpenOffice.org: Array index error by scanning document typography information of certain *.doc files2010-10-07
CVE-2010-3454 (CRITICAL CVSS 9.3) | Multiple off-by-one errors in the W | cvebase.io