Vulnerability Name:

CVE-2010-0395 (CCN-59144)

Assigned: 2010-06-05
Published: 2010-06-05
Updated: 2022-02-07
Summary: OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-noinfo
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2010-0395

Source: FEDORA
Type: Third Party Advisory
FEDORA-2010-9576

Source: FEDORA
Type: Third Party Advisory
FEDORA-2010-9628

Source: FEDORA
Type: Third Party Advisory
FEDORA-2010-9633

Source: SUSE
Type: Third Party Advisory
SUSE-SR:2010:014

Source: CCN
Type: RHSA-2010-0459
Moderate: openoffice.org security update

Source: CCN
Type: SA40070
OpenOffice.org Data Manipulation and Code Execution Vulnerabilities

Source: SECUNIA
Type: Broken Link
40070

Source: SECUNIA
Type: Broken Link
40084

Source: SECUNIA
Type: Broken Link
40104

Source: SECUNIA
Type: Broken Link
40107

Source: CCN
Type: SA41818
Oracle Open Office Multiple Vulnerabilities

Source: SECUNIA
Type: Broken Link
41818

Source: SECUNIA
Type: Broken Link
60799

Source: UBUNTU
Type: Third Party Advisory
USN-949-1

Source: DEBIAN
Type: Third Party Advisory
DSA-2055

Source: DEBIAN
Type: DSA-2055
openoffice.org -- macro execution

Source: GENTOO
Type: Third Party Advisory
GLSA-201408-19

Source: MANDRIVA
Type: Broken Link
MDVSA-2010:221

Source: CCN
Type: OpenOffice Web Site
Security vulnerability in OpenOffice.org related to python scripting

Source: CONFIRM
Type: Vendor Advisory
http://www.openoffice.org/security/cves/CVE-2010-0395.html

Source: CCN
Type: Oracle Critical Patch Update Advisory - October 2010
Oracle Critical Patch Update Advisory - October 2010

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Source: CCN
Type: OSVDB ID: 65203
OpenOffice.org (OOo) Scripting IDE Python Code Parsing Arbitrary Code Execution

Source: REDHAT
Type: Broken Link
RHSA-2010:0459

Source: CCN
Type: BID-40599
OpenOffice Python Scripting IDE Remote Code Execution Vulnerability

Source: CERT
Type: Third Party Advisory, US Government Resource
TA10-287A

Source: VUPEN
Type: Broken Link, Patch
ADV-2010-1350

Source: VUPEN
Type: Broken Link
ADV-2010-1353

Source: VUPEN
Type: Broken Link
ADV-2010-1366

Source: VUPEN
Type: Broken Link
ADV-2010-1369

Source: VUPEN
Type: Broken Link
ADV-2010-2905

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=574119

Source: XF
Type: UNKNOWN
openoffice-python-code-execution(59144)

Source: OVAL
Type: Tool Signature
oval:org.mitre.oval:def:11091

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:11:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:12:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:13:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:apache:openoffice:*:*:*:*:*:*:*:* (Version >= 2.0.0 and < 3.2.1)

Configuration RedHat 1:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20100395 | V | CVE-2010-0395 | 2022-05-20
oval:org.opensuse.security:def:32234 | P | Security update for mozilla-nss (Important) | 2021-12-06
oval:org.opensuse.security:def:32202 | P | Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important) | 2021-10-18
oval:org.opensuse.security:def:26107 | P | Security update for openssl-1_0_0 (Important) | 2021-08-24
oval:org.opensuse.security:def:26104 | P | Security update for libcares2 (Important) | 2021-08-16
oval:org.opensuse.security:def:32127 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) | 2021-06-18
oval:org.opensuse.security:def:32942 | P | Security update for ucode-intel (Important) | 2021-06-10
oval:org.opensuse.security:def:32116 | P | Security update for ucode-intel (Important) | 2021-06-10
oval:org.opensuse.security:def:32115 | P | Security update for spice (Important) | 2021-06-08
oval:org.opensuse.security:def:36479 | P | libreoffice-4.0.3.3.26-0.10.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:36482 | P | libreoffice-testtool-3.4.5.5-0.3.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:29369 | P | Security update for djvulibre (Important) | 2021-05-31
oval:org.opensuse.security:def:26043 | P | Security update for bind (Important) | 2021-05-04
oval:org.opensuse.security:def:26040 | P | Security update for gdm (Important) | 2021-04-28
oval:org.opensuse.security:def:26032 | P | Security update for sudo (Important) | 2021-04-20
oval:org.opensuse.security:def:32898 | P | Security update for qemu (Important) | 2021-04-16
oval:org.opensuse.security:def:26029 | P | Security update for the Linux Kernel (Important) | 2021-04-15
oval:org.opensuse.security:def:26028 | P | Security update for xorg-x11-server (Important) | 2021-04-13
oval:org.opensuse.security:def:32141 | P | Security update for MozillaFirefox (Important) | 2021-01-29
oval:org.opensuse.security:def:26031 | P | Security update for php74 (Moderate) | 2021-01-14
oval:org.opensuse.security:def:32836 | P | Security update for PackageKit (Low) | 2020-12-22
oval:org.opensuse.security:def:33619 | P | Security update for mutt (Important) | 2020-12-07
oval:org.opensuse.security:def:32007 | P | Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important) | 2020-12-07
oval:org.opensuse.security:def:28538 | P | Security update for coreutils | 2020-12-01
oval:org.opensuse.security:def:28258 | P | Security update for lxc (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32678 | P | gstreamer-0_10-plugins-base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26316 | P | Recommended update for chromium (Important) | 2020-12-01
oval:org.opensuse.security:def:28793 | P | Security update for libX11 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28547 | P | Security update for MozillaFirefox | 2020-12-01
oval:org.opensuse.security:def:33382 | P | Security update for compat-openssl097g (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31933 | P | Security update for glibc (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26608 | P | libxml2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28893 | P | Security update for fetchmail (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28106 | P | Security update for glibc (Important) | 2020-12-01
oval:org.opensuse.security:def:26454 | P | Security update for python-Jinja2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28651 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27911 | P | Security update for Xen | 2020-12-01
oval:org.opensuse.security:def:32430 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:26749 | P | libgtop on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26707 | P | glib2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27987 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:32730 | P | librsvg on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27445 | P | libexpat-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32378 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26804 | P | perl-HTML-Parser on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28454 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:32875 | P | gstreamer-0_10-plugins-base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28201 | P | Recommended update for libical (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32639 | P | boost-license on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26232 | P | Security update for openconnect (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28744 | P | Security update for libgcrypt (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33580 | P | Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:28494 | P | Security update for openssl1 | 2020-12-01
oval:org.opensuse.security:def:32744 | P | logwatch on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31922 | P | Security update for ghostscript-library (Important) | 2020-12-01
oval:org.opensuse.security:def:26457 | P | Security update for chromium (Important) | 2020-12-01
oval:org.opensuse.security:def:28849 | P | Security update for xalan-j2 | 2020-12-01
oval:org.opensuse.security:def:28105 | P | Security update for glibc (Important) | 2020-12-01
oval:org.opensuse.security:def:26370 | P | Security update for mbedtls (Important) | 2020-12-01
oval:org.opensuse.security:def:28635 | P | Security update for augeas (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32336 | P | Security update for sane-backends (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26710 | P | gnome-screensaver on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29567 | P | Security update for OpenOffice_org | 2020-12-01
oval:org.opensuse.security:def:28182 | P | Security update for kernel modules packages (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26658 | P | MozillaFirefox on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29333 | P | Security update for compat-openssl097g (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27923 | P | Security update for xorg-x11-libXv | 2020-12-01
oval:org.opensuse.security:def:32574 | P | libxslt on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26807 | P | perl-spamassassin on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32291 | P | Security update for postgresql94 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26760 | P | libpoppler-glib4 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28397 | P | Security update for samba (Important) | 2020-12-01
oval:org.opensuse.security:def:26235 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32590 | P | pam_ldap on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27477 | P | libreoffice on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28690 | P | Security update for foomatic-filters (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28342 | P | Security update for php53 (Important) | 2020-12-01
oval:org.opensuse.security:def:32700 | P | libMagickCore1-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31921 | P | Security update for ghostscript-library (Important) | 2020-12-01
oval:org.opensuse.security:def:26373 | P | Security update for ffmpeg (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28832 | P | Security update for shim | 2020-12-01
oval:org.opensuse.security:def:26313 | P | Security update for python-requests (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28596 | P | Security update for puppet | 2020-12-01
oval:org.opensuse.security:def:33421 | P | Security update for OpenOffice_org | 2020-12-01
oval:org.opensuse.security:def:26661 | P | OpenEXR on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29531 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:28117 | P | Security update for gnutls (Important) | 2020-12-01
oval:org.opensuse.security:def:26605 | P | libtiff3 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28695 | P | Security update for gimp | 2020-12-01
oval:org.opensuse.security:def:27912 | P | Security update for Xen | 2020-12-01
oval:org.opensuse.security:def:32487 | P | apache2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26763 | P | libqt4-sql-mysql on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26746 | P | libfreebl3 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28312 | P | Security update for openssl (Important) | 2020-12-01
oval:org.opensuse.security:def:32787 | P | squidGuard on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27480 | P | libreoffice-testtool on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32534 | P | kde4-kgreeter-plugins on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27442 | P | libevent-devel on GA media (Moderate) | 2020-12-01
oval:org.mitre.oval:def:11797 | P | DSA-2055 openoffice.org -- macro execution | 2015-02-23
oval:org.mitre.oval:def:13530 | P | USN-949-1 -- openoffice.org vulnerability | 2014-06-30
oval:org.mitre.oval:def:13045 | P | DSA-2055-1 openoffice.org -- macro execution | 2014-06-23
oval:org.mitre.oval:def:22756 | P | ELSA-2010:0459: openoffice.org security update (Moderate) | 2014-05-26
oval:org.mitre.oval:def:21935 | P | RHSA-2010:0459: openoffice.org security update (Moderate) | 2014-02-24
oval:org.mitre.oval:def:11091 | V | OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed. | 2013-04-29
oval:com.redhat.rhsa:def:20100459 | P | RHSA-2010:0459: openoffice.org security update (Moderate) | 2010-06-17
oval:org.debian:def:2055 | V | macro execution | 2010-06-05
    canonical ubuntu linux 8.04
    canonical ubuntu linux 9.04
    canonical ubuntu linux 9.10
    canonical ubuntu linux 10.04
    debian debian linux 5.0
    debian debian linux 6.0
    fedoraproject fedora 11
    fedoraproject fedora 12
    fedoraproject fedora 13
    opensuse opensuse 11.0
    opensuse opensuse 11.1
    opensuse opensuse 11.2
    suse linux enterprise desktop 10 sp3
    suse linux enterprise desktop 11 -
    apache openoffice *