CVE-2010-3453: Buffer Overflow
First published: Thu Oct 07 2010(Updated: )
A heap-based buffer overflow was found in the way OpenOffice.org imported Microsoft Word Binary File Format (.DOC) files with certain user defined list styles (WW8). If a user opened a specially-crafted DOC file in OpenOffice.org suite tool (oowriter), it could lead to denial of service (oowriter executable crash), or possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Writer. References: [1] <a href="http://www.cs.brown.edu/people/drosenbe/research.html">http://www.cs.brown.edu/people/drosenbe/research.html</a> Acknowledgements: Red Hat would like to thank OpenOffice.org for reporting this issue. Upstream acknowledges Dan Rosenberg of Virtual Security Research as the original reporter.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache OpenOffice | >=2.0.0<3.3.0 | |
| Debian Linux | =5.0 | |
| Ubuntu | =10.10 | |
| Debian Linux | =6.0 | |
| Ubuntu | =9.10 | |
| Ubuntu | =8.04 | |
| Ubuntu | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cs.brown.edu/people/drosenbe/research.html
- http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html
- https://rhn.redhat.com/errata/RHSA-2011-0181.html
- https://rhn.redhat.com/errata/RHSA-2011-0182.html
- https://rhn.redhat.com/errata/RHSA-2011-0183.html
- https://bugzilla.redhat.com/show_bug.cgi?id=640950
- http://www.debian.org/security/2011/dsa-2151
- http://www.securityfocus.com/bid/46031
- http://www.vupen.com/english/advisories/2011/0232
- http://www.vupen.com/english/advisories/2011/0230
- http://secunia.com/advisories/43065
- http://secunia.com/advisories/42999
- http://secunia.com/advisories/43105
- http://www.redhat.com/support/errata/RHSA-2011-0182.html
- http://ubuntu.com/usn/usn-1056-1
- http://www.securitytracker.com/id?1025002
- http://osvdb.org/70714
- http://secunia.com/advisories/43118
- http://www.redhat.com/support/errata/RHSA-2011-0181.html
- http://www.vupen.com/english/advisories/2011/0279
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:027
- http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
- http://www.vsecurity.com/resources/advisory/20110126-1
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://secunia.com/advisories/60799
- http://secunia.com/advisories/40775
Frequently Asked Questions
What is the severity of CVE-2010-3453?
CVE-2010-3453 is classified as a major vulnerability due to its potential to cause a heap-based buffer overflow leading to denial of service.
How do I fix CVE-2010-3453?
To fix CVE-2010-3453, users should update to a patched version of Apache OpenOffice or their relevant Linux distribution that mitigates this vulnerability.
Which versions are affected by CVE-2010-3453?
CVE-2010-3453 affects versions of Apache OpenOffice from 2.0.0 to 3.3.0 and specific versions of Debian and Ubuntu Linux.
What is the impact of exploiting CVE-2010-3453?
Exploiting CVE-2010-3453 can lead to a denial of service, causing the OpenOffice.org tool to crash when opening specially-crafted DOC files.
Is there a workaround for CVE-2010-3453 if I cannot update?
As a temporary workaround for CVE-2010-3453, users should avoid opening untrusted or suspicious DOC files until the software can be updated.
- collector/redhat-bugzilla
- alias/CVE-2010-3453
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apache
- canonical/apache openoffice
- version/apache openoffice/2.0.0
- vendor/debian
- canonical/debian linux
- version/debian linux/5.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/10.10
- version/debian linux/6.0
- version/ubuntu/9.10
- version/ubuntu/8.04
- version/ubuntu/10.04