PT-2010-1158 · Apache+1 · Openoffice+1

Nicolas Joly

Publicado

2010-02-12

Atualizado

2022-02-07

CVE-2009-3301

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions OpenOffice versions prior to 3.2

Description The issue is related to an error in the sprmTDefTable table property modifier in a document, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. The exploitation may also allow the execution of arbitrary code via a crafted Word document.

Recommendations For versions prior to 3.2, update to version 3.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the sprmTDefTable table property modifier in Word documents until the issue is resolved. Restrict access to potentially malicious Word documents to minimize the risk of exploitation.

Correção

DoS

Integer Underflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189CWE-191

Identificadores relacionados

BDU:2020-02891

CVE-2009-3301

DSA-1995-1

DTSA-205-1

RHSA-2010:0101

RHSA-2010_0101

Produtos afetados

Openoffice

Red Hat

PT-2010-1158 · Apache+1 · Openoffice+1

CVE-2009-3301

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 37