CVE-2010-3945
Microsoft Office - Remote Code Execution via Crafted CGM Image
Title source: llmDescription
Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability."
References (4)
Core 4
Core References
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024887
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12249
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-105
Scores
EPSS
0.2511
EPSS Percentile
97.7%
Details
CWE
CWE-119
Status
published
Products (3)
microsoft/office
2003 sp3
microsoft/office
xp sp3
microsoft/office_converter_pack
Published
Dec 16, 2010
Tracked Since
Feb 18, 2026