CVE-2010-1903 — Code Injection in Microsoft Word
Severity
9.3CRITICALNVD
EPSS
55.1%
top 1.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 11
Latest updateMay 14
Description
Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability."
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-f6j7-rj3p-cfvv: Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (m↗2022-05-14
CVEList▶
CVE-2010-1903: Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (m↗2010-08-11