CVE-2010-2935

CVE-2010-2935 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."

Learn more about our Cis Benchmark Audit For Microsoft Office.