Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-0033Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Powerpoint

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-20Improper Input Validation5 documents5 sources
Severity
9.3CRITICALNVD
EPSS
79.6%
top 0.91%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Powerpoint
Timeline
PublishedFeb 10
Latest updateOct 29

Description

Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-w6h2-rg9q-p285: Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint documen2022-05-02
CVEList
CVE-2010-0033: Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint documen2010-02-10

💥Exploits & PoCs

1
Exploit-DB
Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (MS10-004) (Metasploit)2010-09-25

📋Vendor Advisories

1
Red Hat
kernel: x86/bugs: Use code segment selector for VERW operand2024-10-29
CVE-2010-0033 — Microsoft Powerpoint vulnerability | cvebase