Buffer Overflow Vulnerability in Microsoft Office Products
CVE-2010-3945

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Converter Pack; Office
Vendor: CVE Published:; 16 December 2010

Summary

A buffer overflow in the CGM image converter within Microsoft Office XP SP3, Office 2003 SP3, and the Office Converter Pack can be exploited by remote attackers. By crafting a malicious CGM image embedded in an Office document, attackers may execute arbitrary code on the system, potentially compromising data and system integrity. This vulnerability highlights the importance of vigilance and regular updates to mitigate risks associated with document handling in office applications.

References

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

third-party-advisoryx_refsource_CERT

http://www.securitytracker.com/id?1024887

vdb-entryx_refsource_SECTRACK

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

59% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 16, 2010
Vulnerability Reserved
Oct 14, 2010