CVE-2010-0136: openoffice.org: unenforced VBA macro security settings may lead to arbitrary macro execution

Severity: Critical

CVSS Score: 9.3

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.