9.3
CVE-2010-2935
- EPSS 7.09%
- Veröffentlicht 25.08.2010 20:00:17
- Zuletzt bearbeitet 16.06.2026 23:21:47
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Openoffice ≫ Openoffice.Org Version3.2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.09% | 0.934 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/60799
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:221
http://www.vupen.com/english/advisories/2010/2905
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
http://securityevaluators.com/files/papers/CrashAnalysis.pdf
http://secunia.com/advisories/40775
http://secunia.com/advisories/41052
http://secunia.com/advisories/41235
http://secunia.com/advisories/42927
http://secunia.com/advisories/43105
http://ubuntu.com/usn/usn-1056-1
http://www.debian.org/security/2010/dsa-2099
http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html
http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690
http://www.openwall.com/lists/oss-security/2010/08/11/1
http://www.openwall.com/lists/oss-security/2010/08/11/4
http://www.redhat.com/support/errata/RHSA-2010-0643.html
http://www.securitytracker.com/id?1024352
http://www.securitytracker.com/id?1024976
http://www.vupen.com/english/advisories/2010/2003
http://www.vupen.com/english/advisories/2010/2149
http://www.vupen.com/english/advisories/2010/2228
http://www.vupen.com/english/advisories/2011/0150
http://www.vupen.com/english/advisories/2011/0230
http://www.vupen.com/english/advisories/2011/0279
https://bugzilla.redhat.com/show_bug.cgi?id=622529
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063