PT-2010-4264 · Microsoft · Office Word+1

Chaouki Bekrar

Published

2010-10-13

Updated

2018-10-12

CVE-2010-2750

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2002 SP3 Microsoft Office for Mac version 2004

Description A remote code execution issue exists in the way Microsoft Word handles index values inside a specially crafted Word file. This could allow an attacker to take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system may be less impacted than those operating with administrative user rights.

Recommendations For Microsoft Word 2002 SP3, update to a version that is not affected by this issue. For Microsoft Office for Mac 2004, update to a version that is not affected by this issue.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2010-2750

Affected Products

Office For Mac

Office Word

PT-2010-4264 · Microsoft · Office Word+1

CVE-2010-2750

Weakness Enumeration

Related Identifiers

Affected Products

References · 8