Detections
Analytics

MS10-105: Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)

high Nessus Plugin ID 51177

Language:

Synopsis

Arbitrary code can be executed on the remote host through the Microsoft Office filters.

Description

The remote host is running a version of Microsoft Office with multiple memory corruption vulnerabilities.

A remote attacker could exploit this by tricking a user into viewing a specially crafted image file with Office, resulting in arbitrary code execution.

Solution

Microsoft has released a set of patches for Office XP, 2003, 2007, 2010, and Office Converter Pack.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2010/ms10-105

Plugin Details

Severity: High

ID: 51177

File Name: smb_nt_ms10-105.nasl

Version: 1.26

Type: local

Agent: windows

Published: 12/15/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:office_converter_pack, cpe:/a:microsoft:works

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/14/2010

Vulnerability Publication Date: 12/14/2010

Reference Information

CVE: CVE-2010-3945, CVE-2010-3946, CVE-2010-3947, CVE-2010-3949, CVE-2010-3950, CVE-2010-3951, CVE-2010-3952

BID: 45270, 45273, 45274, 45275, 45278, 45283, 45285

MSFT: MS10-105

MSKB: 2289078