Originally Marc Schoenefeld found a directory traversal flaw in the way OpenOffice.org prior to v3.2.1 handled installation of XSLT jar filter description files. If a local user was tricked into installing a specially-crafted OOo XSLT jar filter description file, it could allow remote attackers to create or overwrite arbitrary files belonging to the local user or, potentially, execute arbitrary code via a .. (dot dot) in an entry in an XSLT filter description file.

Later, OpenOffice.org upstream identified the same deficiency in the way OOo's Extension Manager performed installation of OpenOffice.org Extension (*.OXT) files.

References:
[1] http://extensions.services.openoffice.org/en/resources
[2] http://wiki.services.openoffice.org/wiki/Documentation/DevGuide/Extensions/Extensions
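The check an installer needs before unpacking such a package, as an added example that is not OpenOffice.org's code or the upstream fix: it assumes the package is a zip container, and the function names and sample entry names are hypothetical and constructed for illustration.

```python
import io
import posixpath
import zipfile


def unsafe_entries(package_bytes):
    """Return the entry names that would resolve outside the install directory."""
    bad = []
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        for name in zf.namelist():
            # Some extractors treat backslashes as separators, so normalise them.
            norm = posixpath.normpath(name.replace("\\", "/"))
            escapes = norm == ".." or norm.startswith("../")
            absolute = norm.startswith("/") or (len(norm) > 1 and norm[1] == ":")
            if escapes or absolute:
                bad.append(name)
    return bad


def safe_install(package_bytes, dest_dir):
    """Refuse the whole package if any entry leaves dest_dir, else extract it."""
    bad = unsafe_entries(package_bytes)
    if bad:
        raise ValueError(f"entries escape the install directory: {bad}")
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        zf.extractall(dest_dir)


def build_sample(entries):
    """Build an in-memory zip from (name, data) pairs (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries:
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed samples: one well-formed package, one with a ".." entry.
GOOD = build_sample([("filter/import.xsl", "<x/>"), ("filter/../export.xsl", "<x/>")])
BAD = build_sample([("filter/import.xsl", "<x/>"), ("../../.bashrc", "# overwritten")])

if __name__ == "__main__":
    print("good package:", unsafe_entries(GOOD))
    print("bad package: ", unsafe_entries(BAD))
```

An entry such as filter/../export.xsl is accepted because it still resolves inside the install directory; only names that climb above it or are absolute are rejected.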
This issue affects the versions of the openoffice.org package, as shipped with Red Hat Enterprise Linux 3 and 4.

This issue affects the version of the openoffice.org-core package, as shipped with Red Hat Enterprise Linux 5.

This issue affects the versions of the openoffice.org-core package, as shipped with Fedora releases 12 and 13.
Public via: http://www.openoffice.org/security/cves/CVE-2010-3450.html
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 4

Via RHSA-2011:0181 https://rhn.redhat.com/errata/RHSA-2011-0181.html

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:0182 https://rhn.redhat.com/errata/RHSA-2011-0182.html

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:0183 https://rhn.redhat.com/errata/RHSA-2011-0183.html