CVE-2010-3453
- EPSS 9.67%
- Veröffentlicht 28.01.2011 22:00:05
- Zuletzt bearbeitet 16.06.2026 23:22:48
The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows re...
CVE-2010-3454
- EPSS 10.27%
- Veröffentlicht 28.01.2011 22:00:05
- Zuletzt bearbeitet 16.06.2026 23:22:48
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted...
CVE-2010-3689
- EPSS 0.65%
- Veröffentlicht 28.01.2011 22:00:05
- Zuletzt bearbeitet 16.06.2026 23:23:20
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-4253
- EPSS 10.1%
- Veröffentlicht 28.01.2011 22:00:05
- Zuletzt bearbeitet 16.06.2026 23:24:26
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office docu...
- EPSS 4.21%
- Veröffentlicht 20.01.2011 19:00:08
- Zuletzt bearbeitet 16.06.2026 23:27:30
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows...
CVE-2011-0480
- EPSS 2.3%
- Veröffentlicht 14.01.2011 17:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:28
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or ...
CVE-2011-0482
- EPSS 1.88%
- Veröffentlicht 14.01.2011 17:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:28
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impa...
- EPSS 2.83%
- Veröffentlicht 14.01.2011 17:00:02
- Zuletzt bearbeitet 16.06.2026 23:27:27
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified...
CVE-2010-3875
- EPSS 0.39%
- Veröffentlicht 03.01.2011 20:00:42
- Zuletzt bearbeitet 16.06.2026 23:23:44
The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this str...
CVE-2010-3876
- EPSS 0.38%
- Veröffentlicht 03.01.2011 20:00:42
- Zuletzt bearbeitet 16.06.2026 23:23:44
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capabilit...