CVE-2010-3949

high

Description

Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffer Overflow Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12387

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-105

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

http://www.securitytracker.com/id?1024887

Details

Source: Mitre, NVD

Published: 2010-12-16

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High