Executive Summary

Informations
Name CVE-2009-3302 First vendor Publication 2010-02-16
Vendor Cve Last vendor Modification 2022-02-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10022
 
Oval ID: oval:org.mitre.oval:def:10022
Title: filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
Description: filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
Family: unix Class: vulnerability
Reference(s): CVE-2009-3302
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12661
 
Oval ID: oval:org.mitre.oval:def:12661
Title: DSA-1995-1 openoffice.org -- several
Description: Several vulnerabilities have been discovered in the OpenOffice.org office suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0136 It was discovered that macro security settings were insufficiently enforced for VBA macros. CVE-2009-0217 It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This also affects the integrated libxmlsec library. CVE-2009-2949 Sebastian Apelt discovered that an integer overflow in the XPM import code may lead to the execution of arbitrary code. CVE-2009-2950 Sebastian Apelt and Frank Reissner discovered that a buffer overflow in the GIF import code may lead to the execution of arbitrary code. CVE-2009-3301/CVE-2009-3302 Nicolas Joly discovered multiple vulnerabilities in the parser for Word document files, which may lead to the execution of arbitrary code. For the old stable distribution, these problems have been fixed in version 2.0.4.dfsg.2-7etch9. For the stable distribution, these problems have been fixed in version 1:2.4.1+dfsg-1+lenny6. For the unstable distribution, these problems will be fixed soon. We recommend that you upgrade your openoffice.org packages.
Family: unix Class: patch
Reference(s): DSA-1995-1
CVE-2010-0136
CVE-2009-0217
CVE-2009-2949
CVE-2009-2950
CVE-2009-3301
CVE-2009-3302
 Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
 Product(s): openoffice.org
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21919
 
Oval ID: oval:org.mitre.oval:def:21919
Title: RHSA-2010:0101: openoffice.org security update (Important)
Description: filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
Family: unix Class: patch
Reference(s): RHSA-2010:0101-02
CESA-2010:0101
CVE-2009-2949
CVE-2009-2950
CVE-2009-3301
CVE-2009-3302
 Version: 55
Platform(s): Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): openoffice.org
openoffice.org2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22848
 
Oval ID: oval:org.mitre.oval:def:22848
Title: ELSA-2010:0101: openoffice.org security update (Important)
Description: filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
Family: unix Class: patch
Reference(s): ELSA-2010:0101-02
CVE-2009-2949
CVE-2009-2950
CVE-2009-3301
CVE-2009-3302
 Version: 21
Platform(s): Oracle Linux 5
 Product(s): openoffice.org
openoffice.org2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6910
 
Oval ID: oval:org.mitre.oval:def:6910
Title: DSA-1995 openoffice.org -- several vulnerabilities
Description: Several vulnerabilities have been discovered in the OpenOffice.org office suite. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that macro security settings were insufficiently enforced for VBA macros. It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This also affects the integrated libxmlsec library. Sebastian Apelt discovered that an integer overflow in the XPM import code may lead to the execution of arbitrary code. Sebastian Apelt and Frank Reissner discovered that a buffer overflow in the GIF import code may lead to the execution of arbitrary code. Nicolas Joly discovered multiple vulnerabilities in the parser for Word document files, which may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1995
CVE-2010-0136
CVE-2009-0217
CVE-2009-2949
CVE-2009-2950
CVE-2009-3301
CVE-2009-3302
 Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
 Product(s): openoffice.org
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6
Os 4
Os 2

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for openoffice.org-base CESA-2010:0101 centos5 i386
File : nvt/gb_CESA-2010_0101_openoffice.org-base_centos5_i386.nasl
2010-11-16 Name : Mandriva Update for openoffice.org MDVSA-2010:221 (openoffice.org)
File : nvt/gb_mandriva_MDVSA_2010_221.nasl
2010-06-11 Name : Fedora Update for openoffice.org FEDORA-2010-9576
File : nvt/gb_fedora_2010_9576_openoffice.org_fc12.nasl
2010-06-11 Name : Fedora Update for openoffice.org FEDORA-2010-9628
File : nvt/gb_fedora_2010_9628_openoffice.org_fc11.nasl
2010-03-22 Name : SuSE Update for OpenOffice_org SUSE-SA:2010:017
File : nvt/gb_suse_2010_017.nasl
2010-03-16 Name : FreeBSD Ports: openoffice.org
File : nvt/freebsd_openoffice.org.nasl
2010-03-02 Name : Fedora Update for openoffice.org FEDORA-2010-1847
File : nvt/gb_fedora_2010_1847_openoffice.org_fc12.nasl
2010-03-02 Name : Fedora Update for openoffice.org FEDORA-2010-1941
File : nvt/gb_fedora_2010_1941_openoffice.org_fc11.nasl
2010-03-02 Name : Ubuntu Update for openoffice.org vulnerabilities USN-903-1
File : nvt/gb_ubuntu_USN_903_1.nasl
2010-02-19 Name : OpenOffice Multiple Remote Code Execution Vulnerabilities - Feb10
File : nvt/gb_openoffice_mult_code_exec_vuln_win_feb10.nasl
2010-02-15 Name : CentOS Update for openoffice.org CESA-2010:0101 centos3 i386
File : nvt/gb_CESA-2010_0101_openoffice.org_centos3_i386.nasl
2010-02-15 Name : RedHat Update for openoffice.org RHSA-2010:0101-02
File : nvt/gb_RHSA-2010_0101-02_openoffice.org.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
62385 OpenOffice.org (OOo) filter/ww8/ww8par2.cxx sprmTSetBrc Table Boundary Error DoS

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt
RuleID : 26676 - Revision : 5 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt
RuleID : 26675 - Revision : 2 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt
RuleID : 18535 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt
RuleID : 17250 - Revision : 18 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

Date Description
2014-09-01 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201408-19.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0101.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100212_openoffice_org_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100212_openoffice_org_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100212_openoffice_org_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_OpenOffice_org-6883.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_OpenOffice_org-6884.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_OpenOffice_org-100225.nasl - Type : ACT_GATHER_INFO
2010-11-07 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-221.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1941.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1847.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_OpenOffice_org-100211.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_OpenOffice_org-base-drivers-postgresql-100211.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_OpenOffice_org-base-drivers-postgresql-100216.nasl - Type : ACT_GATHER_INFO
2010-03-16 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_OpenOffice_org-100226.nasl - Type : ACT_GATHER_INFO
2010-03-01 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c97d7a37223311df96dd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-903-1.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1995.nasl - Type : ACT_GATHER_INFO
2010-02-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0101.nasl - Type : ACT_GATHER_INFO
2010-02-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0101.nasl - Type : ACT_GATHER_INFO
2010-02-12 Name : The remote Windows host has a program affected by multiple buffer overflows.
File : openoffice_32.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/38218
CERT http://www.us-cert.gov/cas/techalerts/TA10-287A.html
CONFIRM http://www.openoffice.org/security/bulletin.html
http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
https://bugzilla.redhat.com/show_bug.cgi?id=533043
DEBIAN http://www.debian.org/security/2010/dsa-1995
GENTOO http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2010:221
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2010-0101.html
SECTRACK http://securitytracker.com/id?1023591
SECUNIA http://secunia.com/advisories/38567
http://secunia.com/advisories/38568
http://secunia.com/advisories/38695
http://secunia.com/advisories/38921
http://secunia.com/advisories/41818
http://secunia.com/advisories/60799
SUSE http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html
UBUNTU http://www.ubuntu.com/usn/USN-903-1
VUPEN http://www.vupen.com/english/advisories/2010/0366
http://www.vupen.com/english/advisories/2010/0635
http://www.vupen.com/english/advisories/2010/2905
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/56241

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Date Informations
2024-02-08 12:10:59
  • Multiple Updates
2022-02-09 01:07:44
  • Multiple Updates
2022-02-08 12:07:47
  • Multiple Updates
2021-05-05 01:06:15
  • Multiple Updates
2021-05-04 12:10:13
  • Multiple Updates
2021-04-22 01:10:39
  • Multiple Updates
2020-05-23 01:40:53
  • Multiple Updates
2020-05-23 00:24:21
  • Multiple Updates
2017-09-19 09:23:24
  • Multiple Updates
2017-08-17 09:22:43
  • Multiple Updates
2016-04-26 19:07:53
  • Multiple Updates
2014-11-14 13:26:56
  • Multiple Updates
2014-10-24 13:25:47
  • Multiple Updates
2014-09-02 13:24:28
  • Multiple Updates
2014-02-17 10:51:42
  • Multiple Updates
2014-01-19 21:26:12
  • Multiple Updates
2013-05-10 23:57:50
  • Multiple Updates