CVE-2010-3219
VUPEN Security Advisory
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."
Vulnerabilidad de índice de matriz en Word 2002 SP3 de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un documento de Word especialmente diseñado que desencadena corrupción en memoria, también se conoce como "Word Index Parsing Vulnerability".
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by an array indexing error when processing BKF objects in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-09-03 CVE Reserved
- 2010-10-13 CVE Published
- 2024-08-07 CVE Updated
- 2025-04-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/514305/100/0/threaded | Mailing List | |
| http://www.us-cert.gov/cas/techalerts/TA10-285A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7019 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-079 | 2018-10-12 |