CVE-2010-3450: OpenOffice.org: directory traversal flaws in handling of XSLT jar filter descriptions and OXT extension files

Severity: Critical

CVSS Score: 9.3

Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.