PT-2010-5187 · Microsoft · Office Converter Pack+2

Published

2010-12-16

Updated

2018-10-12

CVE-2010-3950

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Office XP SP3 Office Converter Pack Works 9

Description The issue is related to the TIFF image converter in the graphics filters, which does not properly convert data. This allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via a crafted TIFF image in an Office document.

Recommendations For Microsoft Office XP SP3, update the TIFF image converter to a patched version. For Office Converter Pack, apply the necessary patch to fix the memory corruption issue. For Works 9, install the latest update that addresses the TIFF image converter problem. As a temporary workaround, consider avoiding the use of TIFF images in Office documents until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-3950

Affected Products

Office Xp Sp3

Office Converter Pack

Works 9

PT-2010-5187 · Microsoft · Office Converter Pack+2

CVE-2010-3950

Weakness Enumeration

Related Identifiers

Affected Products

References · 5