[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-0395Date: (C)2010-06-09   (M)2023-12-22


OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-40070
SECUNIA-40084
SECUNIA-40104
SECUNIA-40107
SECUNIA-41818
SECUNIA-60799
ADV-2010-1350
ADV-2010-1353
ADV-2010-1366
ADV-2010-1369
ADV-2010-2905
DSA-2055
FEDORA-2010-9576
FEDORA-2010-9628
FEDORA-2010-9633
GLSA-201408-19
MDVSA-2010:221
RHSA-2010:0459
SUSE-SR:2010:014
TA10-287A
USN-949-1
http://www.openoffice.org/security/cves/CVE-2010-0395.html
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
https://bugzilla.redhat.com/show_bug.cgi?id=574119
oval:org.mitre.oval:def:11091

CPE    10
cpe:/o:opensuse:opensuse:11.1
cpe:/o:opensuse:opensuse:11.0
cpe:/o:opensuse:opensuse:11.2
cpe:/o:debian:debian_linux:5.0
...
OVAL    11
oval:org.secpod.oval:def:700108
oval:org.secpod.oval:def:201752
oval:org.secpod.oval:def:201838
oval:org.secpod.oval:def:600052
...

© SecPod Technologies