CVE-2010-1900 in Office Compatibility Pack
Summary
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability."
Be aware that VulDB is the high quality source for vulnerability data.
Reservation
05/11/2010
Disclosure
08/11/2010
Status
Confirmed
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 54319 | Microsoft Office Compatibility Pack code injection | 94 | Proof-of-Concept | Not defined | CVE-2010-1900 |