Versio.io

CVE-2010-3689

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 28-01-2011 11:00
Last modified: - 07-02-2022 05:41
Total changes: - 2

Description

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Common Vulnerability Scoring System (CVSS)

AV:L/AC:M/Au:N/C:C/I:C/A:C
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
-
Privileges required
-
Scope
-
User interaction
6.9
Base score
3.4
10.0
Exploitability score
Impact score
 

Verification logic

OR
OR
vendor=apache AND product=openoffice AND versionStartIncluding=3.0.0 AND versionEndExcluding=3.3.0
OR
vendor=canonical AND product=ubuntu_linux AND version=8.04 AND software_edition=-
vendor=canonical AND product=ubuntu_linux AND version=9.10
vendor=canonical AND product=ubuntu_linux AND version=10.04 AND software_edition=-
vendor=canonical AND product=ubuntu_linux AND version=10.10
vendor=Debian AND product=debian_linux AND version=5.0
vendor=Debian AND product=debian_linux AND version=6.0
 

Reference

 


Keywords

NVD

 

CVE-2010-3689

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.