CVE-2010-3689

CWE-22: Path Traversal
6 documents, 6 sources
Severity: 6.9 MEDIUM
EPSS: 0.1% (top 83.98%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jan 28
Latest update: May 13

Description

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

CVSS vector

AV:L/AC:M/C:C/I:C/A:C
Exploitability: 3.4 | Impact: 10.0

Affected Packages (1 package)

NVD | apache/openoffice | 3.0.0 | 3.3.0

Also affects: Debian Linux 5.0, 6.0, Ubuntu Linux 10.04, 10.10, 8.04, 9.10

🔴 Vulnerability Details (2)

GHSA: GHSA-hmvp-8rpc-gr57: soffice in OpenOffice (2022-05-13)
CVEList: CVE-2010-3689: soffice in OpenOffice (2011-01-28)

📋 Vendor Advisories (2)

Ubuntu: OpenOffice.org vulnerabilities (2011-02-02)
Red Hat: OpenOffice.org: soffice insecure LD_LIBRARY_PATH setting (2011-01-26)

💬 Community (1)

Bugzilla: CVE-2010-3689 OpenOffice.org: soffice insecure LD_LIBRARY_PATH setting (2010-10-08)