CVE-2010-3945

Name of the Vulnerable Software and Affected Versions Microsoft Office versions XP SP3, 2003 SP3

Description A buffer overflow issue exists in the way Microsoft Office handles CGM image files, allowing remote attackers to execute arbitrary code via a crafted CGM image in an Office document. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than those operating with administrative user rights.

Recommendations For Microsoft Office XP SP3, update to a version that fixes the buffer overflow issue in the CGM image converter. For Microsoft Office 2003 SP3, update to a version that fixes the buffer overflow issue in the CGM image converter. As a temporary workaround, consider avoiding the use of CGM image files in Office documents until a patch is available.