Remote Code Execution Vulnerability in Microsoft Office Products
CVE-2010-3334

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office
Vendor: CVE Published:; 10 November 2010

Summary

The vulnerability present in various versions of Microsoft Office products allows attackers to execute arbitrary code by manipulating Office documents. Specifically, crafted Office Art Drawing records can trigger memory corruption when processed, enabling attackers to gain control over the affected systems. Users are advised to apply the latest security updates to mitigate these risks.

References

http://www.securitytracker.com/id?1024705

vdb-entryx_refsource_SECTRACK

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/42144

third-party-advisoryx_refsource_SECUNIA

EPSS Score

64% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 10, 2010
Vulnerability Reserved
Sep 14, 2010