Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-2935

Published: 25 August 2010

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."

Notes

AuthorNote
mdeslaur
protected by heap-protector, downgrading to low
jdstrand
libreoffice 1:3.3.4-0ubuntu1 are already fixed

Priority

Low

Status

Package Release Status
libreoffice
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

upstream Needs triage

openoffice.org
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
hardy
Released (1:2.4.1-1ubuntu2.5)
jaunty Ignored
(end of life)
karmic
Released (1:3.1.1-5ubuntu1.3)
lucid
Released (1:3.2.0-7ubuntu4.2)
maverick
Released (1:3.2.1-7ubuntu1.1)
natty Not vulnerable
(transitional package)
oneiric Not vulnerable
(transitional package)
precise Not vulnerable
(transitional package)
upstream Needs triage