|MS10-105||Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)||Microsoft Office||Critical||15-12-2010|
Brief overview of the risk:
This security update resolves seven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using Microsoft Office.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that Microsoft Office allocates buffer size when handling CGM image files. The vulnerability could allow remote code execution if a user opens an Office document containing a specially crafted CGM image. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Further information on this exploit is available at : MS10-105
Affected SoftwareMicrosoft Office XP Service Pack 3*
Microsoft Office 2003 Service Pack 3*
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)
Microsoft Office Converter Pack
Microsoft Works 9