CVE-2010-2572

HIGH KEV

Microsoft Powerpoint - Buffer Overflow

Title source: rule

Description

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."

References (4)

[Third Party Advisory, US Government Resource] http://www.us-cert.gov/cas/techalerts/TA10-313A.html

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088

[Broken Link] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12195

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2572

Scores

CVSS v3 7.8

EPSS 0.7472

EPSS Percentile 98.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-06-08

VulnCheck KEV 2016-01-24

InTheWild.io 2013-10-10

ENISA EUVD EUVD-2010-2576

CWE

CWE-120

Status published

Products (2)

microsoft/powerpoint 2002 sp3

microsoft/powerpoint 2003 sp3

Published Nov 10, 2010

KEV Added Jun 08, 2022

Tracked Since Feb 18, 2026