Test ID:	1.3.6.1.4.1.25623.1.0.902283
Category:	General
Title:	OpenOffice.org Buffer Overflow and Directory Traversal Vulnerabilities - Windows
Summary:	OpenOffice is prone to buffer overflow and directory traversal vulnerabilities.
Description:	Summary: OpenOffice is prone to buffer overflow and directory traversal vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - A buffer overflow error when processing malformed TGA files and PNG files - A memory corruption error within the 'WW8ListManager::WW8ListManager()' and 'WW8DopTypography::ReadFromMem()' function when processing malformed data - A memory corruption error when processing malformed RTF data - A directory traversal error related to 'zip/jar' package extraction - A buffer overflow error when processing malformed PPT files Vulnerability Impact: Successful exploitation could allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will crash the application. Affected Software/OS: OpenOffice Version 2.x and 3.x to 3.2.0 on windows. Solution: Upgrade to OpenOffice Version 3.3.0 or later CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3450 1025002 http://www.securitytracker.com/id?1025002 40775 http://secunia.com/advisories/40775 42999 http://secunia.com/advisories/42999 43065 http://secunia.com/advisories/43065 43105 http://secunia.com/advisories/43105 43118 http://secunia.com/advisories/43118 46031 http://www.securityfocus.com/bid/46031 60799 http://secunia.com/advisories/60799 70711 http://osvdb.org/70711 ADV-2011-0230 http://www.vupen.com/english/advisories/2011/0230 ADV-2011-0232 http://www.vupen.com/english/advisories/2011/0232 ADV-2011-0279 http://www.vupen.com/english/advisories/2011/0279 DSA-2151 http://www.debian.org/security/2011/dsa-2151 GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2011:027 http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 RHSA-2011:0181 http://www.redhat.com/support/errata/RHSA-2011-0181.html RHSA-2011:0182 http://www.redhat.com/support/errata/RHSA-2011-0182.html USN-1056-1 http://ubuntu.com/usn/usn-1056-1 http://www.openoffice.org/security/cves/CVE-2010-3450.html http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html https://bugzilla.redhat.com/show_bug.cgi?id=602324 Common Vulnerability Exposure (CVE) ID: CVE-2010-3451 70712 http://osvdb.org/70712 http://www.cs.brown.edu/people/drosenbe/research.html http://www.openoffice.org/security/cves/CVE-2010-3451_CVE-2010-3452.html http://www.vsecurity.com/resources/advisory/20110126-1 https://bugzilla.redhat.com/show_bug.cgi?id=641282 ooo-rtf-ce(65030) https://exchange.xforce.ibmcloud.com/vulnerabilities/65030 Common Vulnerability Exposure (CVE) ID: CVE-2010-3452 70713 http://osvdb.org/70713 https://bugzilla.redhat.com/show_bug.cgi?id=640241 ooo-oowriter-ce(65031) https://exchange.xforce.ibmcloud.com/vulnerabilities/65031 Common Vulnerability Exposure (CVE) ID: CVE-2010-3453 70714 http://osvdb.org/70714 http://www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.html https://bugzilla.redhat.com/show_bug.cgi?id=640950 Common Vulnerability Exposure (CVE) ID: CVE-2010-3454 70715 http://osvdb.org/70715 https://bugzilla.redhat.com/show_bug.cgi?id=640954 Common Vulnerability Exposure (CVE) ID: CVE-2010-4253 70717 http://osvdb.org/70717 http://www.openoffice.org/security/cves/CVE-2010-4253.html https://bugzilla.redhat.com/show_bug.cgi?id=658259 Common Vulnerability Exposure (CVE) ID: CVE-2010-4643 70718 http://osvdb.org/70718 http://www.openoffice.org/security/cves/CVE-2010-4643.html https://bugzilla.redhat.com/show_bug.cgi?id=667588 ooo-tga-bo(65441) https://exchange.xforce.ibmcloud.com/vulnerabilities/65441
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.