CVE-2010-3453
CVE-2010-3453
The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://osvdb.org/70714https://bugzilla.redhat.com/show_bug.cgi?id=640950http://secunia.com/advisories/40775http://secunia.com/advisories/42999http://secunia.com/advisories/43065http://secunia.com/advisories/43105http://secunia.com/advisories/43118http://secunia.com/advisories/60799http://ubuntu.com/usn/usn-1056-1http://www.cs.brown.edu/people/drosenbe/research.htmlhttp://www.debian.org/security/2011/dsa-2151http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml