Lucene search

[email protected]CVE-2010-2935

HistoryAug 25, 2010 - 8:00 p.m.

CVE-2010-2935

2010-08-2520:00:17

CWE-189

[email protected]

web.nvd.nist.gov

cve-2010-2935

openoffice.org

ooo

denial of service

code execution

powerpoint

heap-based buffer overflow

integer truncation error

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.127 Low

EPSS

Percentile

95.5%

JSON

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an “integer truncation error.”

Affected configurations

NVD

Node

openofficeopenoffice.orgMatch3.2.1

AND

microsoftwindows

CPENameOperatorVersion
openoffice:openoffice.orgopenoffice openoffice.orgeq3.2.1

CPE	Name	Operator	Version
openoffice:openoffice.org	openoffice openoffice.org	eq	3.2.1

References

lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

secunia.com/advisories/40775

secunia.com/advisories/41052

secunia.com/advisories/41235

secunia.com/advisories/42927

secunia.com/advisories/43105

secunia.com/advisories/60799

securityevaluators.com/files/papers/CrashAnalysis.pdf

ubuntu.com/usn/usn-1056-1

www.debian.org/security/2010/dsa-2099

www.gentoo.org/security/en/glsa/glsa-201408-19.xml

www.mandriva.com/security/advisories?name=MDVSA-2010:221

www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html

www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690

www.openwall.com/lists/oss-security/2010/08/11/1

www.openwall.com/lists/oss-security/2010/08/11/4

www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

www.redhat.com/support/errata/RHSA-2010-0643.html

www.securitytracker.com/id?1024352

www.securitytracker.com/id?1024976

www.vupen.com/english/advisories/2010/2003

www.vupen.com/english/advisories/2010/2149

www.vupen.com/english/advisories/2010/2228

www.vupen.com/english/advisories/2010/2905

www.vupen.com/english/advisories/2011/0150

www.vupen.com/english/advisories/2011/0230

www.vupen.com/english/advisories/2011/0279

bugzilla.redhat.com/show_bug.cgi?id=622529

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.127 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2010-2935

nvd1 cvelist1 prion1 ubuntucve1 nessus23 openvas17 debian4 securityvulns3 kaspersky1 oraclelinux1 centos1 redhat1 ubuntu1 fedora1 freebsd1 gentoo1 oracle1