PT-2010-5185 · Microsoft · Office Converter Pack+2

Published

2010-12-16

Updated

2018-10-12

CVE-2010-3947

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Office XP SP3 Microsoft Office Converter Pack Microsoft Works 9

Description A heap-based buffer overflow exists in the TIFF image converter of the graphics filters, allowing remote attackers to execute arbitrary code via a crafted TIFF image in an Office document.

Recommendations For Microsoft Office XP SP3, update to a version that fixes the issue. For Microsoft Office Converter Pack, update to a version that fixes the issue. For Microsoft Works 9, update to a version that fixes the issue. As a temporary workaround, consider avoiding the use of TIFF images in Office documents until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-3947

Affected Products

Office Converter Pack

Office Xp Sp3

Works 9

PT-2010-5185 · Microsoft · Office Converter Pack+2

CVE-2010-3947

Weakness Enumeration

Related Identifiers

Affected Products

References · 5