CVE-2010-3216

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2002 SP3 Microsoft Office for Mac version 2004

Description A remote code execution issue exists in the way Microsoft Word handles bookmarks when parsing a specially crafted Word file. This could allow an attacker to execute arbitrary code, potentially taking complete control of an affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than those operating with administrative user rights.

Recommendations For Microsoft Word 2002 SP3, update to a version that is not affected by this issue. For Microsoft Office for Mac 2004, update to a version that is not affected by this issue.