OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ubuntu_linux | Canonical | 8.04 (including) | 8.04 (including) |
| Ubuntu_linux | Canonical | 9.04 (including) | 9.04 (including) |
| Ubuntu_linux | Canonical | 9.10 (including) | 9.10 (including) |
| Ubuntu_linux | Canonical | 10.04 (including) | 10.04 (including) |
| Debian_linux | Debian | 5.0 (including) | 5.0 (including) |
| Debian_linux | Debian | 6.0 (including) | 6.0 (including) |
| Fedora | Fedoraproject | 11 (including) | 11 (including) |
| Fedora | Fedoraproject | 12 (including) | 12 (including) |
| Fedora | Fedoraproject | 13 (including) | 13 (including) |
| Opensuse | Opensuse | 11.0 (including) | 11.0 (including) |
| Opensuse | Opensuse | 11.1 (including) | 11.1 (including) |
| Opensuse | Opensuse | 11.2 (including) | 11.2 (including) |
| Linux_enterprise_desktop | Suse | 10-sp3 (including) | 10-sp3 (including) |
| Linux_enterprise_desktop | Suse | 11 (including) | 11 (including) |
| Red Hat Enterprise Linux 4 | RedHat | openoffice.org2-1:2.0.4-5.7.0.6.1.el4_8.4 | * |
| Red Hat Enterprise Linux 5 | RedHat | openoffice.org-1:3.1.1-19.5.el5_5.1 | * |
| Openoffice.org | Ubuntu | dapper | * |
| Openoffice.org | Ubuntu | hardy | * |
| Openoffice.org | Ubuntu | jaunty | * |
| Openoffice.org | Ubuntu | karmic | * |
| Openoffice.org | Ubuntu | lucid | * |
| Openoffice.org | Ubuntu | upstream | * |