⚠ Actively exploited
Added to CISA KEV on 2022-03-03. Federal agencies required to patch by 2022-03-24. Required action: Apply updates per vendor instructions..

CVE-2010-3333Out-of-bounds Write in Microsoft Office

CWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer32 documents15 sources
Severity
7.8HIGHNVD
EPSS
93.8%
top 0.14%
CISA KEV
KEV
Added 2022-03-03
Due 2022-03-24
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Microsoft Office
Timeline
PublishedNov 10
KEV addedMar 3
KEV dueMar 24
Latest updateFeb 12
CISA Required Action: Apply updates per vendor instructions.

Description

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDmicrosoft/office7 versions+6

Patches

Patch: docs.microsoft.comPatch: docs.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-r838-75c6-gjj4: Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 202022-05-14
VulnCheck
Microsoft Office Stack-based Buffer Overflow Vulnerability2010

💥Exploits & PoCs

6
Exploit-DB
Microsoft Office 2010 - Download Execute2013-02-20
Exploit-DB
Microsoft Office 2003 Home/Pro - Code Execution (MS10-087)2012-01-08
Exploit-DB
Microsoft Office 2010 - '.RTF' Header Stack Overflow2011-07-03
Exploit-DB
Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit)2011-03-04
Exploit-DB
Wireshark - ENTTEC DMX Data RLE Buffer Overflow2011-01-03

🔍Detection Rules

2
Suricata
ET WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow2015-03-16
Suricata
ET MALWARE Spy/Infostealer.Win32.Embed.A Client Traffic2013-05-29

📋Vendor Advisories

1
CISA
Microsoft Office Stack-based Buffer Overflow Vulnerability2022-03-03

🕵️Threat Intelligence

18
Sentinelone
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years2022-06-09
Sentinelone
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years2022-06-09
Unit42
ProjectM: Link Found Between Pakistani Actor and Operation Transparent Tribe2016-03-25
Unit42
ProjectM: Link Found Between Pakistani Actor and Operation Transparent Tribe2016-03-25
Unit42
New Malware 'Rover' Targets Indian Ambassador to Afghanistan2016-02-29

📄Research Papers

2
arXiv
Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures2025-02-12
arXiv
Technical Aspects of Cyber Kill Chain2016-06-10
CVE-2010-3333 — Out-of-bounds Write in Microsoft Office | cvebase