PT-2010-1158 · Apache+1 · Openoffice+1

Nicolas Joly

Published

2010-02-12

Updated

2022-02-07

CVE-2009-3301

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions OpenOffice versions prior to 3.2

Description The issue is related to an error in the sprmTDefTable table property modifier in a document, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. The exploitation may also allow the execution of arbitrary code via a crafted Word document.

Recommendations For versions prior to 3.2, update to version 3.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the sprmTDefTable table property modifier in Word documents until the issue is resolved. Restrict access to potentially malicious Word documents to minimize the risk of exploitation.

Fix

DoS

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189CWE-191

Related Identifiers

BDU:2020-02891

CVE-2009-3301

DSA-1995-1

DTSA-205-1

RHSA-2010:0101

RHSA-2010_0101

Affected Products

Openoffice

Red Hat

PT-2010-1158 · Apache+1 · Openoffice+1

CVE-2009-3301

Weakness Enumeration

Related Identifiers

Affected Products

References · 37