CVE-2010-2747

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2002 SP3 Office 2004 for Mac

Description A remote code execution issue exists due to improper handling of an uninitialized pointer during the parsing of a Word document. This allows attackers to execute arbitrary code via a crafted document, triggering memory corruption. An attacker who successfully exploits this issue could take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights.

Recommendations For Microsoft Word 2002 SP3, update to a version that properly handles pointer initialization during document parsing to prevent memory corruption. For Office 2004 for Mac, apply the necessary patch or update to ensure secure handling of Word documents and prevent remote code execution.