OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.
References
| Link | Resource |
|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html | Third Party Advisory |
| http://secunia.com/advisories/38695 | Broken Link |
| http://secunia.com/advisories/38921 | Broken Link |
| http://securitytracker.com/id?1023588 | Broken Link Third Party Advisory VDB Entry |
| http://www.debian.org/security/2010/dsa-1995 | Third Party Advisory |
| http://www.mail-archive.com/debian-openoffice%40lists.debian.org/msg23178.html | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2010:221 | Broken Link |
| http://www.securityfocus.com/bid/38245 | Broken Link Third Party Advisory VDB Entry |
| http://www.ubuntu.com/usn/USN-903-1 | Third Party Advisory |
| http://www.vupen.com/english/advisories/2010/0635 | Broken Link |
| http://www.vupen.com/english/advisories/2010/2905 | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-02-16T19:00:00
Updated: 2010-03-26T09:00:00
Reserved: 2010-01-04T00:00:00
Link: CVE-2010-0136
JSON object: View
NVD Information
Status : Modified
Published: 2010-02-16T19:30:00.610
Modified: 2023-11-07T02:05:00.347
Link: CVE-2010-0136
JSON object: View
Redhat Information
No data.
CWE