CVE-2010-0136
critical
Apache CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
4.5%
Exploitation probability in 30 days
Top 11% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: February 16, 2010 (5931 days ago)
Last Modified: April 29, 2026
Vendor: Apache
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.
CWE
CWE-77Affected Products
apache openofficecanonical ubuntu linuxdebian debian linux