CVE-2010-0395

2010-06-1000:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2010-0395

openoffice.org

python

code execution

vulnerability

nvd

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.062 Low

EPSS

Percentile

93.5%

JSON

OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.

CPENameOperatorVersion
debian:debian_linuxdebian debian linuxeq5.0
fedoraproject:fedorafedoraproject fedoraeq11
fedoraproject:fedorafedoraproject fedoraeq13
opensuse:opensuseopensuseeq11.1
canonical:ubuntu_linuxcanonical ubuntu linuxeq9.04
debian:debian_linuxdebian debian linuxeq6.0
opensuse:opensuseopensuseeq11.0
fedoraproject:fedorafedoraproject fedoraeq12
canonical:ubuntu_linuxcanonical ubuntu linuxeq9.10
opensuse:opensuseopensuseeq11.2

CPE	Name	Operator	Version
debian:debian_linux	debian debian linux	eq	5.0
fedoraproject:fedora	fedoraproject fedora	eq	11
fedoraproject:fedora	fedoraproject fedora	eq	13
opensuse:opensuse	opensuse	eq	11.1
canonical:ubuntu_linux	canonical ubuntu linux	eq	9.04
debian:debian_linux	debian debian linux	eq	6.0
opensuse:opensuse	opensuse	eq	11.0
fedoraproject:fedora	fedoraproject fedora	eq	12
canonical:ubuntu_linux	canonical ubuntu linux	eq	9.10
opensuse:opensuse	opensuse	eq	11.2