CVE-2010-3333

HIGH KEV

Microsoft Office - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."

Exploits (7)

exploitdb WORKING POC VERIFIED
by g11tch · pythonremotewindows
https://www.exploit-db.com/exploits/24526
exploitdb WORKING POC VERIFIED
by b33f & g11tch · pythonlocalwindows
https://www.exploit-db.com/exploits/18334
exploitdb WORKING POC VERIFIED
by Snake · textlocalwindows
https://www.exploit-db.com/exploits/17474
exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/16686
nomisec WRITEUP 1 stars
by Sunqiz · client-side
https://github.com/Sunqiz/CVE-2010-3333-reproduction
nomisec NO CODE
by whiteHat001 · poc
https://github.com/whiteHat001/cve-2010-3333
metasploit WORKING POC GREAT
by wushi of team509, unknown, jduck, DJ Manila Ice, Vesh, CA · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms10_087_rtf_pfragments_bof.rb

References (11)

Scores

CVSS v3 7.8
EPSS 0.9379
EPSS Percentile 99.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-03
VulnCheck KEV 2012-01-01
InTheWild.io 2022-03-03
ENISA EUVD EUVD-2010-3331
CWE
CWE-787
Status published
Products (8)
microsoft/office 2003 sp3
microsoft/office 2004
microsoft/office 2007 sp2
microsoft/office 2008
microsoft/office 2010
microsoft/office 2011
microsoft/office xp sp3
microsoft/open_xml_file_format_converter
Published Nov 10, 2010
KEV Added Mar 03, 2022
Tracked Since Feb 18, 2026