| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS10-105 | Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095) | Microsoft Office | Critical | 15-12-2010 |
Technical Information
Brief overview of the risk:
This security update resolves seven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using Microsoft Office.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that Microsoft Office allocates buffer size when handling CGM image files. The vulnerability could allow remote code execution if a user opens an Office document containing a specially crafted CGM image. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Further information on this exploit is available at : MS10-105
Affected Software
Microsoft Office XP Service Pack 3*Microsoft Office 2003 Service Pack 3*
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)
Microsoft Office Converter Pack
Microsoft Works 9