Launchpad.net

CVE 2010-0395

OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.

Related bugs and status

CVE-2010-0395 (Candidate) is related to these bugs:

Bug #882588: LibreOffice/Mozilla integration broken

Summary				In	Importance	Status
	882588	LibreOffice/Mozilla integration broken		libreoffice (Ubuntu)	Undecided	Fix Released
	882588	LibreOffice/Mozilla integration broken		firefox (Ubuntu)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.openoffice....
CONFIRM: https://bugzilla.redha...
DEBIAN: DSA-2055
FEDORA: FEDORA-2010-9576
FEDORA: FEDORA-2010-9628
FEDORA: FEDORA-2010-9633
REDHAT: RHSA-2010:0459
UBUNTU: USN-949-1
SECUNIA: 40084
SECUNIA: 40104
SECUNIA: 40107
SECUNIA: 40070
VUPEN: ADV-2010-1353
VUPEN: ADV-2010-1366
VUPEN: ADV-2010-1369
VUPEN: ADV-2010-1350
SUSE: SUSE-SR:2010:014
CERT: TA10-287A
MANDRIVA: MDVSA-2010:221
VUPEN: ADV-2010-2905
GENTOO: GLSA-201408-19
SECUNIA: 60799
CONFIRM: http://www.oracle.com/...
SECUNIA: 41818
OVAL: oval:org.mitre.oval:de...