Remote Code Execution Vulnerability in Microsoft Office Products
CVE-2010-3336

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office
Vendor: CVE Published:; 10 November 2010

Summary

Remote attackers can exploit a vulnerability in multiple versions of Microsoft Office and related software by manipulating specifically crafted Office documents. This exploitation triggers memory corruption, allowing the execution of arbitrary code on the affected systems. Users of Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and the Open XML File Format Converter for Mac are particularly at risk. It is crucial for organizations to apply the latest security updates to mitigate potential threats.

References

http://www.securitytracker.com/id?1024705

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/42144

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 10, 2010
Vulnerability Reserved
Sep 14, 2010