CVE-2010-3334

Name of the Vulnerable Software and Affected Versions Microsoft Office versions XP SP3, 2003 SP3, 2007 SP2, 2010 Microsoft Office for Mac versions 2004, 2008, 2011 Open XML File Format Converter for Mac (affected versions not specified)

Description A remote code execution issue exists in the way Microsoft Office software parses specially crafted Office files, potentially allowing an attacker to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, triggering memory corruption. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with fewer user rights on the system compared to those operating with administrative user rights.

Recommendations For Microsoft Office versions XP SP3, 2003 SP3, 2007 SP2, 2010, consider applying security updates to address the issue. For Microsoft Office for Mac versions 2004, 2008, 2011, apply the latest security patches to mitigate the risk. For Open XML File Format Converter for Mac, at the moment, there is no information about a newer version that contains a fix for this vulnerability.