Important2010-10-12 Bulletin Severity Rating:Important - This security update resolves eleven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Bulletin details at Microsoft.com

Related CVE Entries

Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Uninitialized Pointer Vulnerability."
Max CVSS
9.3
EPSS Score
85.43%
Published
2010-10-13
Updated
2018-10-12
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Boundary Check Vulnerability."
Max CVSS
9.3
EPSS Score
87.57%
Published
2010-10-13
Updated
2018-10-12
Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability."
Max CVSS
9.3
EPSS Score
94.72%
Published
2010-10-13
Updated
2018-10-12
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
94.16%
Published
2010-10-13
Updated
2018-10-12
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Return Value Vulnerability."
Max CVSS
9.3
EPSS Score
85.43%
Published
2010-10-13
Updated
2018-10-12
Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."
Max CVSS
9.3
EPSS Score
94.72%
Published
2010-10-13
Updated
2018-10-12
Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability."
Max CVSS
9.3
EPSS Score
92.28%
Published
2010-10-13
Updated
2018-10-12
Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
94.20%
Published
2010-10-13
Updated
2018-10-12
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."
Max CVSS
9.3
EPSS Score
91.04%
Published
2010-10-13
Updated
2018-10-12
Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability."
Max CVSS
9.3
EPSS Score
92.69%
Published
2010-10-13
Updated
2018-10-12
Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Parsing Vulnerability."
Max CVSS
9.3
EPSS Score
90.88%
Published
2010-10-13
Updated
2018-10-12
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!