Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214) |
| Informations | |||
|---|---|---|---|
| Name | MS10-003 | First vendor Publication | 2010-02-09 |
| Vendor | Microsoft | Last vendor Modification | 2010-02-10 |
| Severity (Vendor) | Important | Revision | 1.1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.1 (February 10, 2010): Added a link to Microsoft Knowledge Base Article 978214 under Known Issues in the Executive Summary.Summary: This security update resolves a privately reported vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:8399 | |||
| Oval ID: | oval:org.mitre.oval:def:8399 | ||
| Title: | MSO.DLL Buffer Overflow | ||
| Description: | Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Office document, aka "MSO.DLL Buffer Overflow." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-0243 | Version: | 1 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows 7 | Product(s): | Microsoft Office XP |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-02-10 | Name : Microsoft Office (MSO) Remote Code Execution Vulnerability (978214) File : nvt/secpod_ms10-003.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 62235 | Microsoft Office Excel MSO.DLL OfficeArtSpgr Container Overflow |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2010-02-18 | IAVM : 2010-A-0027 - Microsoft Office Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0022681 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-11-16 | Microsoft Office Malformed MSODrawing Record attempt RuleID : 31462 - Revision : 3 - Type : FILE-OFFICE |
| 2014-11-16 | Microsoft Office Excel Malformed MSODrawing Record attempt RuleID : 31461 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Malformed MSODrawing Record attempt RuleID : 23270 - Revision : 4 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office embedded Office Art drawings execution attempt RuleID : 22037 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office embedded Office Art drawings execution attempt RuleID : 19443 - Revision : 8 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office embedded Office Art drawings execution attempt RuleID : 19442 - Revision : 14 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Excel Malformed MSODrawing Record attempt RuleID : 16416 - Revision : 17 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_feb2010.nasl - Type : ACT_GATHER_INFO |
| 2010-02-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms10-003.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-11-16 21:25:21 |
|
| 2014-02-17 11:46:26 |
|
| 2014-01-19 21:30:25 |
|
| 2013-11-11 12:41:15 |
|
