Unrated severityNVD Advisory· Published Jan 28, 2011· Updated Apr 29, 2026

CVE-2010-3454

Description

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.

Affected products

Apache/Openoffice
cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
Range: >=2.0.0,<3.3.0
Canonical (company)/Ubuntu Linux4 versions
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Debian/Debian Linux2 versions
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ubuntu.com/usn/usn-1056-1nvdThird Party Advisory
www.debian.org/security/2011/dsa-2151nvdThird Party Advisory
www.gentoo.org/security/en/glsa/glsa-201408-19.xmlnvdThird Party Advisory
www.openoffice.org/security/cves/CVE-2010-3453_CVE-2010-3454.htmlnvdVendor Advisory
www.oracle.com/technetwork/topics/security/cpuapr2011-301950.htmlnvdThird Party Advisory
www.securityfocus.com/bid/46031nvdBroken LinkThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
osvdb.org/70715nvdBroken Link
secunia.com/advisories/40775nvdBroken Link
secunia.com/advisories/42999nvdBroken Link
secunia.com/advisories/43065nvdBroken Link
secunia.com/advisories/43105nvdBroken Link
secunia.com/advisories/43118nvdBroken Link
secunia.com/advisories/60799nvdBroken Link
www.cs.brown.edu/people/drosenbe/research.htmlnvdBroken Link
www.mandriva.com/security/advisoriesnvdBroken Link
www.redhat.com/support/errata/RHSA-2011-0181.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2011-0182.htmlnvdBroken Link
www.vsecurity.com/resources/advisory/20110126-1nvdBroken Link
www.vupen.com/english/advisories/2011/0230nvdBroken Link
www.vupen.com/english/advisories/2011/0232nvdBroken Link
www.vupen.com/english/advisories/2011/0279nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000