CVE-2010-3216 — Code Injection in Microsoft Office
Severity
9.3CRITICALNVD
EPSS
57.3%
top 1.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 13
Latest updateMay 14
Description
Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-2ff3-f8pr-gg3g: Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that↗2022-05-14
CVEList▶
CVE-2010-3216: Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that↗2010-10-13