CVE-2010-3450

N/A Unknown
Published: January 28, 2011 Modified: April 29, 2026
View on NVD

Description

Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/70711
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/40775
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/42999
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/43065
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/43105
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/43118
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/60799
Source: secalert@redhat.com
Broken Link
http://ubuntu.com/usn/usn-1056-1
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2011/dsa-2151
Source: secalert@redhat.com
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:027
Source: secalert@redhat.com
Broken Link
http://www.openoffice.org/security/cves/CVE-2010-3450.html
Source: secalert@redhat.com
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0181.html
Source: secalert@redhat.com
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0182.html
Source: secalert@redhat.com
Broken Link
http://www.securityfocus.com/bid/46031
Source: secalert@redhat.com
Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1025002
Source: secalert@redhat.com
Broken Link Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2011/0230
Source: secalert@redhat.com
Broken Link
http://www.vupen.com/english/advisories/2011/0232
Source: secalert@redhat.com
Broken Link
http://www.vupen.com/english/advisories/2011/0279
Source: secalert@redhat.com
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=602324
Source: secalert@redhat.com
Issue Tracking Patch Third Party Advisory
http://osvdb.org/70711
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/40775
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/42999
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/43065
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/43105
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/43118
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/60799
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://ubuntu.com/usn/usn-1056-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2011/dsa-2151
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:027
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openoffice.org/security/cves/CVE-2010-3450.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0181.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0182.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securityfocus.com/bid/46031
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1025002
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2011/0230
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2011/0232
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2011/0279
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=602324
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch Third Party Advisory

42 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
10.7%
95th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

debian canonical apache

Related CVEs

CVE-2026-40941 N/A
CVE-2026-40084 6.5
CVE-2026-40083 7.2
CVE-2026-40082 5.4
CVE-2026-40080 6.1