CVE-2010-3945

Microsoft Office - Remote Code Execution via Crafted CGM Image

Title source: llm
STIX 2.1

Description

Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability."

References (4)

Core 4
Core References
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024887
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12249

Scores

EPSS 0.2511
EPSS Percentile 97.7%

Details

CWE
CWE-119
Status published
Products (3)
microsoft/office 2003 sp3
microsoft/office xp sp3
microsoft/office_converter_pack
Published Dec 16, 2010
Tracked Since Feb 18, 2026