CVE-2010-3217

{"id": "CVE-2010-3217", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-10-13T19:00:44.697", "references": [{"url": "http://secunia.com/secunia_research/2010-76/", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/514298/100/0/threaded", "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/515440/100/0/threaded", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-079", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6695", "source": "secure@microsoft.com"}, {"url": "http://secunia.com/secunia_research/2010-76/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/514298/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/515440/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-079", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6695", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka \"Word Pointer Vulnerability.\""}, {"lang": "es", "value": "Una vulnerabilidad de doble liberaci\u00f3n en Word 2002 SP3 de Microsoft, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un documento de Word con registros de invalidaci\u00f3n de formato de lista (LFO) especialmente dise\u00f1ados, tambi\u00e9n se conoce como \"Word Pointer Vulnerability\"."}], "lastModified": "2024-11-21T01:18:18.097", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F02894C4-57A7-45FE-B9D2-1A0EE3ABA455"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}