CVE-2010-3689

medium

Apache

CVSS v3 Base Score

6.9

AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS Score

0.1%

Exploitation probability in 30 days

Top 84% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Confidentiality

Integrity

Availability

Published: January 28, 2011 (5585 days ago)

Last Modified: April 29, 2026

Vendor: Apache

Source: NVD

Description

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

CWE

CWE-22

Affected Products

apache openofficecanonical ubuntu linuxdebian debian linux

References

🔗 osvdb.org 🔗 secunia.com 🔗 secunia.com 🔗 secunia.com 🔗 secunia.com

CVE-2010-3689

Vulnerability Report

Description

CWE

Affected Products

References