CVE-2010-2935

N/A Unknown

Published: August 25, 2010 Modified: April 29, 2026

Description

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

Source: secalert@redhat.com

http://secunia.com/advisories/40775

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/41052

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/41235

Source: secalert@redhat.com

http://secunia.com/advisories/42927

Source: secalert@redhat.com

http://secunia.com/advisories/43105

Source: secalert@redhat.com

http://secunia.com/advisories/60799

Source: secalert@redhat.com

http://securityevaluators.com/files/papers/CrashAnalysis.pdf

Source: secalert@redhat.com

http://ubuntu.com/usn/usn-1056-1

Source: secalert@redhat.com

http://www.debian.org/security/2010/dsa-2099

Source: secalert@redhat.com

http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2010:221

Source: secalert@redhat.com

http://www.openoffice.org/security/cves/CVE-2010-2935_CVE-2010-2936.html

Source: secalert@redhat.com

http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2010/08/11/1

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2010/08/11/4

Source: secalert@redhat.com

http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2010-0643.html

Source: secalert@redhat.com

http://www.securitytracker.com/id?1024352

Source: secalert@redhat.com

http://www.securitytracker.com/id?1024976

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2010/2003

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/2149

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/2228

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2010/2905

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2011/0150

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2011/0230

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2011/0279

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=622529

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12063

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html