PublicDateAtUSN: 2010-08-25
Candidate: CVE-2010-2936
PublicDate: 2010-08-25 20:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2936
 https://ubuntu.com/security/notices/USN-1056-1
Description:
 Integer overflow in simpress.bin in the Impress module in OpenOffice.org
 (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of
 service (application crash) or possibly execute arbitrary code via crafted
 polygons in a PowerPoint document that triggers a heap-based buffer
 overflow.
Ubuntu-Description:
Notes:
 mdeslaur> protected by heap-protector, downgrading to low
Bugs:
Priority: low
Discovered-by: Charlie Miller
Assigned-to:
CVSS: 

Patches_openoffice.org:
upstream_openoffice.org: released (1:3.2.1-6)
dapper_openoffice.org: ignored (reached end-of-life)
hardy_openoffice.org: released (1:2.4.1-1ubuntu2.5)
jaunty_openoffice.org: ignored (reached end-of-life)
karmic_openoffice.org: released (1:3.1.1-5ubuntu1.3)
lucid_openoffice.org: released (1:3.2.0-7ubuntu4.2)
maverick_openoffice.org: released (1:3.2.1-7ubuntu1.1)
devel_openoffice.org: DNE

Patches_libreoffice:
upstream_libreoffice: released (3.3)
dapper_libreoffice: DNE
hardy_libreoffice: DNE
intrepid_libreoffice: DNE
jaunty_libreoffice: DNE
karmic_libreoffice: DNE
lucid_libreoffice: DNE
maverick_libreoffice: DNE
devel_libreoffice: not-affected