CVE-2010-3217

Name of the Vulnerable Software and Affected Versions Microsoft Word version 2002 SP3

Description A double free vulnerability in Microsoft Word allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records. This issue exists in the way that Microsoft Word handles pointers when parsing a specially crafted Word file, which could allow an attacker to take complete control of an affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Recommendations For Microsoft Word 2002 SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.