4 matches found
Microsoft Word UPX Data Stack Validation Buffer Overflow (MS10-079; CVE-2010-3214)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in the way that Microsoft Word handles stack validation inside a specially crafted Word file. The vulnerability is due to an error in Microsoft Word that fails to properly validate UPX...
MS10-079 / MS10-080 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2293194 / 2293211) (Mac OS X)
The remote Mac OS X host is running a version of Microsoft Office that is affected by multiple remote code execution vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Word, Excel, or Lotus 1-2-3 file, these issues could be leveraged to execute...
VUPEN Security Research - Microsoft Office Word Document Stack Overflow Vulnerability (CVE-2010-3214)
VUPEN Security Research - Microsoft Office Word Document Stack Overflow Vulnerability CVE-2010-3214 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability t...
CVE-2010-3214
The CVE-2010-3214 entry maps to a stack-based buffer overflow in Microsoft Word triggered by parsing specific Word structures (UPX data) in crafted Word documents, enabling remote code execution. Affected products include Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Word for Mac 2004 and 2008; th...