CVE-2010-3333

2010-11-1003:00:02

CWE-119

[email protected]

web.nvd.nist.gov

1141

In Wild

cve-2010-3333

microsoft office

buffer overflow

rtf

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.973 High

EPSS

Percentile

99.9%

JSON

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka “RTF Stack Buffer Overflow Vulnerability.”

Affected configurations

NVD

Node

microsoftofficeMatch2003sp3

microsoftofficeMatch2004mac

microsoftofficeMatch2007sp2

microsoftofficeMatch2008mac

microsoftofficeMatch2010

microsoftofficeMatch2011mac

microsoftofficeMatchxpsp3

microsoftopen_xml_file_format_convertermac

CPENameOperatorVersion
microsoft:officemicrosoft officeeq2003
microsoft:officemicrosoft officeeq2004
microsoft:officemicrosoft officeeq2007
microsoft:officemicrosoft officeeq2008
microsoft:officemicrosoft officeeq2010
microsoft:officemicrosoft officeeq2011
microsoft:officemicrosoft officeeqxp
microsoft:open_xml_file_format_convertermicrosoft open xml file format convertereq*

CPE	Name	Operator	Version
microsoft:office	microsoft office	eq	2003
microsoft:office	microsoft office	eq	2004
microsoft:office	microsoft office	eq	2007
microsoft:office	microsoft office	eq	2008
microsoft:office	microsoft office	eq	2010
microsoft:office	microsoft office	eq	2011
microsoft:office	microsoft office	eq	xp
microsoft:open_xml_file_format_converter	microsoft open xml file format converter	eq	*