Lucene search
MicrosoftCVE-2010-3952HistoryDec 16, 2010 - 7:33 p.m.
CVE-2010-3952
2010-12-1619:33:03
CWE-119
microsoft
web.nvd.nist.gov
37
cve-2010-3952
flashpix
image converter
microsoft office
remote code execution
denial of service
heap memory corruption
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.764
Percentile
98.2%
The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Office document, aka “FlashPix Image Converter Heap Corruption Vulnerability.”
Affected configurations
Node
microsoftofficeMatchxpsp3
ORmicrosoftoffice_converter_pack
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | office | xp | cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:* |
| microsoft | office_converter_pack | * | cpe:2.3:a:microsoft:office_converter_pack:*:*:*:*:*:*:*:* |
Related
securityvulns
securityvulns
Secunia Research: Microsoft Office FlashPix Tile Data Two Buffer Overflows
2010-12-21 00:00:00
Microsoft Office multiple security vulnerabilities
2010-12-28 00:00:00
symantec
symantec
cvelist
cvelist
CVE-2010-3952
2010-12-16 19:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Heap overflow
2010-12-16 19:33:00
nvd
nvd
CVE-2010-3952
2010-12-16 19:33:03
openvas
openvas
nessus
nessus
mskb
mskb
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.764
Percentile
98.2%
Related for CVE-2010-3952