CyberSec.Space Logo
Back to CVE Browser

CVE-2010-3333

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score76.9040%
EPSS Percentile98.83th
PublishedNov 10, 2010
Last ModifiedApr 22, 2026

Vulnerability Description

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Microsoft

Office

= 2003
πŸ“¦
Microsoft

Office

= 2004
πŸ“¦
Microsoft

Office

= 2007
πŸ“¦
Microsoft

Office

= 2008
πŸ“¦
Microsoft

Office

= 2010
πŸ“¦
Microsoft

Office

= 2011
πŸ“¦
Microsoft

Office

= xp
πŸ“¦
Microsoft

Open Xml File Format Converter

All versions

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=880
πŸ”— http://secunia.com/advisories/38521
πŸ”— http://secunia.com/advisories/42144
πŸ”— http://securityreason.com/securityalert/8293
πŸ”— http://www.securityfocus.com/bid/44652
πŸ”— http://www.securitytracker.com/id?1024705
πŸ”— http://www.us-cert.gov/cas/techalerts/TA10-313A.html
πŸ”— http://www.vupen.com/english/advisories/2010/2923

Related Vulnerabilities

CVE-2001-122310.0

The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers...

CVE-2001-126010.0

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator pri...

CVE-2000-085410.0

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.d...

CVE-2007-111710.0

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspeci...