OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.
Software | From | Fixed in |
---|---|---|
debian / debian_linux | 5.0 | 5.0.x |
debian / debian_linux | 6.0 | 6.0.x |
opensuse / opensuse | 11.0 | 11.0.x |
opensuse / opensuse | 11.1 | 11.1.x |
opensuse / opensuse | 11.2 | 11.2.x |
fedoraproject / fedora | 11 | 11.x |
fedoraproject / fedora | 12 | 12.x |
fedoraproject / fedora | 13 | 13.x |
canonical / ubuntu_linux | 10.04 | 10.04.x |
canonical / ubuntu_linux | 8.04 | 8.04.x |
canonical / ubuntu_linux | 9.04 | 9.04.x |
canonical / ubuntu_linux | 9.10 | 9.10.x |
suse / linux_enterprise_desktop | 10-sp3 | 10-sp3.x |
suse / linux_enterprise_desktop | 11 | 11.x |
apache / openoffice | 2.0.0 | 3.2.1 |