CVE-2010-3689
Publication date 28 January 2011
Last updated 24 July 2024
Ubuntu priority
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Status
Package | Ubuntu Release | Status |
---|---|---|
libreoffice | 10.10 maverick | Not in release |
10.04 LTS lucid | Not in release | |
9.10 karmic | Not in release | |
8.04 LTS hardy | Not in release | |
6.06 LTS dapper | Not in release | |
openoffice.org | 10.10 maverick |
Fixed 1:3.2.1-7ubuntu1.1
|
10.04 LTS lucid |
Fixed 1:3.2.0-7ubuntu4.2
|
|
9.10 karmic |
Fixed 1:3.1.1-5ubuntu1.3
|
|
8.04 LTS hardy |
Fixed 1:2.4.1-1ubuntu2.5
|
|
6.06 LTS dapper | Ignored end of life |
References
Related Ubuntu Security Notices (USN)
- USN-1056-1
- OpenOffice.org vulnerabilities
- 2 February 2011