Buffer overflow in Apache Openoffice

CVE-2010-4643

Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in a…

Vulnerability class: Buffer Overflow

EPSS: 0.042 (88.9th percentile) — read the EPSS interpretation.

Affected products

Apache Openoffice
N/a — versions n/a

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

40775 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
46031 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID, Broken Link)
DSA-2151 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
60799 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
GLSA-201408-19 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
43118 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
43065 (x_refsource_SECUNIA, Broken Link, third-party-advisory)
ADV-2011-0230 (vdb-entry, x_refsource_VUPEN, Broken Link, Vendor Advisory)
1025002 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK, Broken Link)