Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Canonical
  • Ubuntu Linux
Apache
  • Openoffice
Debian
  • Debian Linux

Configuration 1 [-]

cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
References
Link Resource
http://osvdb.org/70713 Broken Link
http://secunia.com/advisories/40775 Broken Link
http://secunia.com/advisories/42999 Broken Link
http://secunia.com/advisories/43065 Broken Link
http://secunia.com/advisories/43105 Broken Link
http://secunia.com/advisories/43118 Broken Link
http://secunia.com/advisories/60799 Broken Link
http://ubuntu.com/usn/usn-1056-1 Third Party Advisory
http://www.cs.brown.edu/people/drosenbe/research.html Broken Link
http://www.debian.org/security/2011/dsa-2151 Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 Broken Link
http://www.openoffice.org/security/cves/CVE-2010-3451_CVE-2010-3452.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-0181.html Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0182.html Broken Link
http://www.securityfocus.com/bid/46031 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1025002 Broken Link Third Party Advisory VDB Entry
http://www.vsecurity.com/resources/advisory/20110126-1 Broken Link
http://www.vupen.com/english/advisories/2011/0230 Broken Link
http://www.vupen.com/english/advisories/2011/0232 Broken Link
http://www.vupen.com/english/advisories/2011/0279 Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=640241 Issue Tracking Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/65031 Third Party Advisory VDB Entry
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2011-01-28T21:13:00

Updated: 2017-08-16T14:57:01

Reserved: 2010-09-17T00:00:00

Link: CVE-2010-3452

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2011-01-28T22:00:05.347

Modified: 2022-02-07T16:59:50.637

Link: CVE-2010-3452

JSON object: View

cve-icon Redhat Information

No data.

CWE