Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-3454

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.

Related bugs and status

CVE-2010-3454 (Candidate) is related to these bugs:

Bug #882588: LibreOffice/Mozilla integration broken

Summary				In	Importance	Status
	882588	LibreOffice/Mozilla integration broken		libreoffice (Ubuntu)	Undecided	Fix Released
	882588	LibreOffice/Mozilla integration broken		firefox (Ubuntu)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.cs.brown.ed...
MISC: http://www.vsecurity.c...
MISC: http://www.securitytra...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://osvdb.org/70715
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://www.gentoo.org/...
MISC: http://www.mandriva.co...
MISC: https://bugzilla.redha...
MISC: http://www.redhat.com/...
MISC: http://www.redhat.com/...
MISC: http://ubuntu.com/usn/...
MISC: http://www.openoffice....
MISC: http://www.oracle.com/...