Added: 11/16/2010
CVE: CVE-2010-3333
BID: 44652
OSVDB: 69085
Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations.
A stack buffer overflow vulnerability exists when Microsoft Word parses RTF documents. The vulnerability is due to lack of input validation when handling the values set for the **pFragments**
property.
Apply the patch referenced in Microsoft Security Bulletin 10-087.
<http://secunia.com/advisories/38521/>
Exploit works on Microsoft Office Word 2002 SP3, Word 2003 SP3, and Word 2007 SP2.
The user must open the exploit file in Microsoft Word on the target system.
Windows XP
Windows Vista