CVE-2010-3221

2010-10-1319:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2010-3221

microsoft word

word viewer

office 2004 for mac

parsing vulnerability

memory corruption

remote code execution

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.894 High

EPSS

Percentile

98.7%

JSON

Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka “Word Parsing Vulnerability.”

CPENameOperatorVersion
microsoft:wordmicrosoft wordeq2002
microsoft:officemicrosoft officeeq2004
microsoft:wordmicrosoft wordeq2003
microsoft:word_viewermicrosoft word viewereq*

CPE	Name	Operator	Version
microsoft:word	microsoft word	eq	2002
microsoft:office	microsoft office	eq	2004
microsoft:word	microsoft word	eq	2003
microsoft:word_viewer	microsoft word viewer	eq	*