CVE - CVE-2010-3454

CVE-ID
CVE-2010-3454	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1025002 URL:http://www.securitytracker.com/id?1025002 MISC:40775 URL:http://secunia.com/advisories/40775 MISC:42999 URL:http://secunia.com/advisories/42999 MISC:43065 URL:http://secunia.com/advisories/43065 MISC:43105 URL:http://secunia.com/advisories/43105 MISC:43118 URL:http://secunia.com/advisories/43118 MISC:46031 URL:http://www.securityfocus.com/bid/46031 MISC:60799 URL:http://secunia.com/advisories/60799 MISC:70715 URL:~~http://osvdb.org/70715~~ (Obsolete source) MISC:ADV-2011-0230 URL:~~http://www.vupen.com/english/advisories/2011/0230~~ (Obsolete source) MISC:ADV-2011-0232 URL:~~http://www.vupen.com/english/advisories/2011/0232~~ (Obsolete source) MISC:ADV-2011-0279 URL:~~http://www.vupen.com/english/advisories/2011/0279~~ (Obsolete source) MISC:DSA-2151 URL:http://www.debian.org/security/2011/dsa-2151 MISC:GLSA-201408-19 URL:http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MISC:MDVSA-2011:027 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2011:027~~ (Obsolete source) MISC:RHSA-2011:0181 URL:http://www.redhat.com/support/errata/RHSA-2011-0181.html MISC:RHSA-2011:0182 URL:http://www.redhat.com/support/errata/RHSA-2011-0182.html MISC:USN-1056-1 URL:http://ubuntu.com/usn/usn-1056-1 MISC:http://www.cs.brown.edu/people/drosenbe/research.html URL:http://www.cs.brown.edu/people/drosenbe/research.html MISC:http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html URL:http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html MISC:http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html URL:http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html MISC:http://www.vsecurity.com/resources/advisory/20110126-1 URL:http://www.vsecurity.com/resources/advisory/20110126-1 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=640954 URL:https://bugzilla.redhat.com/show_bug.cgi?id=640954
Assigning CNA
Red Hat, Inc.
Date Record Created
20100917	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100917)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)