Kaspersky LabKLA10280KLA10280 DoS vulnerability in OpenOffice.org
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
High
0.149 Low
EPSS
Percentile
95.8%
Multiple critical vulnerabilities have been found in OpenOffice.org. Malicious users can exploit these vulnerabilities to cause denial of service or possibly execute arbitrary code. Below is a complete list of vulnerabilities
- An integer overflow can be exploited remotely via specially designed polygons;
- Improper dictionary handling can be exploited remotely via a specially designed PowerPoint document.
Original advisories
Related products
CVE list
CVE-2010-2936 critical
CVE-2010-2935 critical
Solution
Update to latest version
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Affected Products
- OpenOffice.org 2 all versionsOpenOffice.org 3 versions 3.2.1 and earlier
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
AI Score
Confidence
High
0.149 Low
EPSS
Percentile
95.8%