cbcvebase.
CVE-2010-3217
published 2010-10-13

CVE-2010-3217: Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override…

PriorityP356critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
40.13%
98.5th percentile
Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability."

Affected

1 ranges
VendorProductVersion rangeFixed in
microsoftword

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2010-3217 exploits a double free vulnerability triggered by crafted List Format Override (LFO) records in a Word document, allowing code execution without user interaction upon opening a malicious .doc file in Word 2002 SP3.
  • CVE-2010-3217 was used as part of malicious document (maldoc) infection chains, typically as a downloader stage that fetches a C-written binary from an attacker-controlled server and executes it — hunt for Word 2002 SP3 processes spawning unexpected child processes or network connections.
  • The vulnerability is triggered specifically by crafted List Format Override (LFO) records inside a Word document — inspect incoming .doc files for anomalous LFO record structures as a detection signal.
  • ·Exploitation is limited to Microsoft Word 2002 SP3 specifically; other Word versions are not listed as affected by this CVE.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.