Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-3453

Опубликовано: 26 янв. 2011
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 3openoffice.orgAffected
Red Hat Enterprise Linux 4openoffice.orgFixedRHSA-2011:018128.01.2011
Red Hat Enterprise Linux 4openoffice.org2FixedRHSA-2011:018128.01.2011
Red Hat Enterprise Linux 5openoffice.orgFixedRHSA-2011:018228.01.2011
Red Hat Enterprise Linux 6openoffice.orgFixedRHSA-2011:018328.01.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=640950OpenOffice.org: Heap-based buffer overflow by processing *.doc files with WW8 list styles with specially-crafted count of list levels

EPSS

Процентиль: 90%
0.06034
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-3453

ubuntu
больше 14 лет назад

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.

nvd логотип

CVE-2010-3453

nvd
больше 14 лет назад

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.

debian логотип

CVE-2010-3453

debian
больше 14 лет назад

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice. ...

github логотип

GHSA-wmv5-vqx6-3hcq

github
около 3 лет назад

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.

fstec логотип

BDU:2020-02899

CVSS3: 9.9
fstec
больше 14 лет назад

Уязвимость функции WW8ListManager офисного пакета OpenOffice, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 90%
0.06034
Низкий

6.8 Medium

CVSS2