MS10-036: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)
High Nessus Plugin ID 46843
SynopsisArbitrary code can be executed on the remote host through opening a Microsoft Office file.
DescriptionThe remote host contains a vulnerable version of Microsoft Office 2003 or 2007. Opening a specially crafted Office file can result in arbitrary code execution. A remote attacker can exploit this by tricking a user into opening a specially crafted Office file.
SolutionMicrosoft has released a set of patches for Office 2003 and 2007.