CVE-2010-2935

Priority
Description
simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x
before 3.3 does not properly handle integer values associated with
dictionary property items, which allows remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via a
crafted PowerPoint document that triggers a heap-based buffer overflow,
related to an "integer truncation error."
Assigned-to
jdstrand
Notes
mdeslaurprotected by heap-protector, downgrading to low
jdstrandlibreoffice 1:3.3.4-0ubuntu1 are already fixed
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
More Information

Updated: 2019-12-05 20:55:24 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)