CVE-2010-3946
Summary
| CVE | CVE-2010-3946 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-12-16 19:33:00 UTC |
| Updated | 2018-10-12 21:58:00 UTC |
| Description | Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability." |
Risk And Classification
Problem Types: CWE-189
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Office | 2003 | sp3 | All | All |
| Application | Microsoft | Office | xp | sp3 | All | All |
| Application | Microsoft | Office | 2003 | sp3 | All | All |
| Application | Microsoft | Office | xp | sp3 | All | All |
| Application | Microsoft | Office Converter Pack | All | All | All | All |
| Application | Microsoft | Office Converter Pack | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Security Bulletin MS10-105 - Important | Microsoft Docs | MS | docs.microsoft.com | |
| Microsoft Office Graphics Filters Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| US-CERT Technical Cyber Security Alert TA10-348A -- Microsoft Updates for Multiple Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.