返回 CVE 瀏覽器

CVE-2010-3333

Known Exploited (CISA KEV)HIGH

7.8

CVSS Severity Score

EPSS Score76.9040%

EPSS Percentile98.83th

Published2010年11月10日

Last Modified2026年4月22日

Vulnerability Description

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."

Affected Platforms (CPE)

📦

Microsoft

Office

= 2003

📦

Microsoft

Office

= 2004

📦

Microsoft

Office

= 2007

📦

Microsoft

Office

= 2008

📦

Microsoft

Office

= 2010

📦

Microsoft

Office

= 2011

📦

Microsoft

Office

= xp

📦

Microsoft

Open Xml File Format Converter

All versions

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=880

🔗 http://secunia.com/advisories/38521

🔗 http://secunia.com/advisories/42144

🔗 http://securityreason.com/securityalert/8293

🔗 http://www.securityfocus.com/bid/44652

🔗 http://www.securitytracker.com/id?1024705

🔗 http://www.us-cert.gov/cas/techalerts/TA10-313A.html

🔗 http://www.vupen.com/english/advisories/2010/2923

相關漏洞威脅

CVE-2001-122310.0

The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers...

CVE-2001-126010.0

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator pri...

CVE-2000-085410.0

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.d...

CVE-2007-111710.0

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspeci...