OpenOffice VBA Macro Restrictions Remote Security Bypass Vulnerability Network Vulnerability

Summary

This host has OpenOffice running which is prone to remote security bypass vulnerability.

Impact

Successful exploitation lets the attackers to execute a VBA macro bypassing security settings. Impact Level: Application

Solution

Upgrade to OpenOffice.org version 3.2 or later, http://download.openoffice.org/index.html

Insight

The flaw exists while handling Visual Basic Applications(VBA) macros security settings. When a specially crafted document is opened, attacker will be able to execute a VBA macro with the ability to bypass macro security settings.

Affected

OpenOffice.org versions 2.0.4, 2.4.1, and 3.1.1

References

http://securitytracker.com/alerts/2010/Feb/1023588.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0136

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)
Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)

Take action and discover your vulnerabilities