CVE-2010-4643
CVE-2010-4643 is a critical-severity vulnerability in Apache Openoffice with a CVSS 2.0 base score of 9.3. Its EPSS exploit-prediction score of 10% places it in the 95th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-787.
Key facts
- Severity: Critical (CVSS 2.0 base score 9.3)
- EPSS exploit prediction: 10% (95th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-787
- Affected product: Apache Openoffice
- Published:
- Last modified:
Description
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document.
Frequently asked questions
- What is CVE-2010-4643?
- Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document.
- How severe is CVE-2010-4643?
- CVE-2010-4643 has a CVSS 2.0 base score of 9.3, rated critical severity.
- Is CVE-2010-4643 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 10% (95th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2010-4643?
- CVE-2010-4643 affects Apache Openoffice. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2010-4643?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2010-4643 published?
- CVE-2010-4643 was published on 2011-01-28 and last updated on 2026-06-16.
References
- http://osvdb.org/70718
- http://secunia.com/advisories/40775
- http://secunia.com/advisories/42999
- http://secunia.com/advisories/43065
- http://secunia.com/advisories/43105
- http://secunia.com/advisories/43118
- http://secunia.com/advisories/60799
- http://ubuntu.com/usn/usn-1056-1
- http://www.debian.org/security/2011/dsa-2151
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:027
- http://www.openoffice.org/security/cves/CVE-2010-4643.html
- http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
- http://www.redhat.com/support/errata/RHSA-2011-0181.html
- http://www.redhat.com/support/errata/RHSA-2011-0182.html
- http://www.securityfocus.com/bid/46031
- http://www.securitytracker.com/id?1025002
- http://www.vupen.com/english/advisories/2011/0230
- http://www.vupen.com/english/advisories/2011/0232
- http://www.vupen.com/english/advisories/2011/0279
- https://bugzilla.redhat.com/show_bug.cgi?id=667588
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65441
Affected products (1)
- cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
More vulnerabilities in Apache Openoffice
- CVE-2014-3524 — Critical (CVSS 9.3): Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other…
- CVE-2010-4253 — Critical (CVSS 9.3): Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a…
- CVE-2010-3454 — Critical (CVSS 9.3): Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and…
- CVE-2010-3453 — Critical (CVSS 9.3): The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not…
- CVE-2010-3452 — Critical (CVSS 9.3): Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to…
- CVE-2010-3451 — Critical (CVSS 9.3): Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to…
All CVEs affecting Apache Openoffice →
Other CWE-787 (Out-of-bounds Write) vulnerabilities
- CVE-2026-42369 — Critical (CVSS 10.0): GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other…
- CVE-2026-4746 — Critical (CVSS 10.0): Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src modules). This vulnerability is…
- CVE-2025-43300 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS…
- CVE-2025-24201 — Critical (CVSS 10.0): An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in…
- CVE-2024-42479 — Critical (CVSS 10.0): llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause…
- CVE-2024-39791 — Critical (CVSS 10.0): Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge…