Published: 25/08/2010 Updated: 13/02/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x prior to 3.3 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openoffice openoffice.org 3.2.1

Synopsis Important: openofficeorg security update Type/Severity Security Advisory: Important Topic Updated openofficeorg packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 3 and 4The Red Hat Security Response Team has rated this update as havingimportant security impact ...

Multiple vulnerabilities in OpenOfficeorg ...

Charlie Miller has discovered two vulnerabilities in OpenOfficeorg Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code An integer truncation error when parsing certain content can be exploited to cause a heap-based buffer overflow via a specially crafted file A short integer o ...

CWE-189 http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690 https://bugzilla.redhat.com/show_bug.cgi?id=622555 http://www.vupen.com/english/advisories/2010/2003 http://www.openwall.com/lists/oss-security/2010/08/11/1 https://bugzilla.redhat.com/show_bug.cgi?id=622529#c6 http://secunia.com/advisories/40775 http://www.vupen.com/english/advisories/2010/2149 http://secunia.com/advisories/41052 http://www.openwall.com/lists/oss-security/2010/08/11/4 http://securityevaluators.com/files/papers/CrashAnalysis.pdf http://www.redhat.com/support/errata/RHSA-2010-0643.html http://www.debian.org/security/2010/dsa-2099 http://secunia.com/advisories/41235 http://www.vupen.com/english/advisories/2010/2228 http://www.securitytracker.com/id?1024352 http://www.vupen.com/english/advisories/2010/2905 http://www.mandriva.com/security/advisories?name=MDVSA-2010:221 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://secunia.com/advisories/42927 http://www.securitytracker.com/id?1024976 http://www.vupen.com/english/advisories/2011/0150 http://www.vupen.com/english/advisories/2011/0230 http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html http://ubuntu.com/usn/usn-1056-1 http://secunia.com/advisories/43105 http://www.vupen.com/english/advisories/2011/0279 http://secunia.com/advisories/60799 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12144 https://access.redhat.com/errata/RHSA-2010:0643 https://usn.ubuntu.com/1056-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2936

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect