CVE-2010-3214

CWE-119 — Buffer Overflow4 documents4 sources

Severity

9.3CRITICAL

EPSS

61.3%

top 1.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Office Microsoft Office Compatibility Pack Microsoft Word

Timeline

PublishedOct 13

Latest updateMay 14

Description

Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDmicrosoft/word4 versions+3

▶NVDmicrosoft/office_compatibility_pack2007

▶NVDmicrosoft/office2004, 2008+1

🔴Vulnerability Details

GHSA

GHSA-6qr6-mgvw-vh8f: Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for↗2022-05-14

▶

CVEList

CVE-2010-3214: Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for↗2010-10-13

▶

💥Exploits & PoCs

Exploit-DB

ProShow Gold 4.0.2549 - '.psh' Local Stack Buffer Overflow (Metasploit)↗2010-09-25

▶