CVE-2010-0136

Severity

93%

Complexity

86%

Confidentiality

165%

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Sun Microsystems OpenOffice.org

First reported 15 years ago

2010-02-16 19:30:00

Last updated 14 years ago

2010-11-11 06:44:00

Affected Software

Sun Microsystems OpenOffice.org 2.4.1

2.4.1

Sun Microsystems OpenOffice.org 3.1.1

3.1.1

References

SUSE-SA:2010:017

38695

38921

1023588

DSA-1995

[debian-openoffice] 20100212 ./packages/openofficeorg/3.1.1/unstable r1866: merge 1:3.1.1-15+squeeze1

MDVSA-2010:221

38245

USN-903-1

ADV-2010-0635

ADV-2010-2905

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.