CVE-2010-3221

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2002 SP3 and 2003 SP3 Office 2004 for Mac Word Viewer

Description A remote code execution issue exists due to improper handling of a malformed record during parsing of a Word document. This allows attackers to execute arbitrary code via a crafted document, triggering memory corruption. Successful exploitation could grant an attacker complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Word 2002 SP3, update to a version that properly handles malformed records. For Microsoft Word 2003 SP3, apply the necessary patch to fix the parsing vulnerability. For Office 2004 for Mac, consider disabling the parsing of specially crafted Word files until a patch is available. For Word Viewer, restrict access to crafted Word documents to minimize the risk of exploitation.