CVE-2010-3451

2011-01-2822:00:00

CWE-416

[email protected]

web.nvd.nist.gov

cve-2010-3451

use-after-free vulnerability

openoffice.org

ooo

denial of service

remote attackers

application crash

arbitrary code

rtf document

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.0%

JSON

Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document.

CPENameOperatorVersion
apache:openofficeapache openofficelt3.3.0
debian:debian_linuxdebian debian linuxeq5.0
canonical:ubuntu_linuxcanonical ubuntu linuxeq10.10
debian:debian_linuxdebian debian linuxeq6.0
canonical:ubuntu_linuxcanonical ubuntu linuxeq9.10
canonical:ubuntu_linuxcanonical ubuntu linuxeq10.04
canonical:ubuntu_linuxcanonical ubuntu linuxeq8.04

CPE	Name	Operator	Version
apache:openoffice	apache openoffice	lt	3.3.0
debian:debian_linux	debian debian linux	eq	5.0
canonical:ubuntu_linux	canonical ubuntu linux	eq	10.10
debian:debian_linux	debian debian linux	eq	6.0
canonical:ubuntu_linux	canonical ubuntu linux	eq	9.10
canonical:ubuntu_linux	canonical ubuntu linux	eq	10.04
canonical:ubuntu_linux	canonical ubuntu linux	eq	8.04