Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 01:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/70711 - Broken Link | |
References | () http://secunia.com/advisories/40775 - Broken Link | |
References | () http://secunia.com/advisories/42999 - Broken Link | |
References | () http://secunia.com/advisories/43065 - Broken Link | |
References | () http://secunia.com/advisories/43105 - Broken Link | |
References | () http://secunia.com/advisories/43118 - Broken Link | |
References | () http://secunia.com/advisories/60799 - Broken Link | |
References | () http://ubuntu.com/usn/usn-1056-1 - Third Party Advisory | |
References | () http://www.debian.org/security/2011/dsa-2151 - Third Party Advisory | |
References | () http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 - Broken Link | |
References | () http://www.openoffice.org/security/cves/CVE-2010-3450.html - Vendor Advisory | |
References | () http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html - Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2011-0181.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2011-0182.html - Broken Link | |
References | () http://www.securityfocus.com/bid/46031 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1025002 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.vupen.com/english/advisories/2011/0230 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2011/0232 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2011/0279 - Broken Link | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=602324 - Issue Tracking, Patch, Third Party Advisory |
Information
Published : 2011-01-28 22:00
Updated : 2024-11-21 01:18
NVD link : CVE-2010-3450
Mitre link : CVE-2010-3450
CVE.ORG link : CVE-2010-3450
JSON object : View
Products Affected
canonical
- ubuntu_linux
apache
- openoffice
debian
- debian_linux
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')