CVE-2010-3689

Apache Openoffice < 3.3.0 - Path Traversal

Title source: rule

Description

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

References (19)

Scores

EPSS 0.0005
EPSS Percentile 15.8%

Classification

CWE
CWE-22
Status draft

Affected Products (7)

apache/openoffice < 3.3.0
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
debian/debian_linux
debian/debian_linux

Timeline

Published Jan 28, 2011
Tracked Since Feb 18, 2026