CVE-2010-2935

Priority
Description
simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x
before 3.3 does not properly handle integer values associated with
dictionary property items, which allows remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via a
crafted PowerPoint document that triggers a heap-based buffer overflow,
related to an "integer truncation error."
Assigned-to
jdstrand
Notes
mdeslaurprotected by heap-protector, downgrading to low
jdstrandlibreoffice 1:3.3.4-0ubuntu1 are already fixed
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
More Information

Updated: 2020-03-18 22:03:40 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)