Bird_banner_small4
Microsoft Office RTF Stack Buffer Overflow
TSL ID TSL20101109-13
CVE ID(s) CVE-2010-3333
Severity High
Description

A stack buffer overflow has been reported in Microsoft Office products in the way it parses Rich Text Formatting (RTF) content.

To exploit this vulnerability an attacker must entice a target to open an MS office document containing specially crafted RTF data. Successful exploitation could result in the execution of arbitrary code in the context of the logged in user.

The vendor, Microsoft, has issued an advisory and patch:

http://www.microsoft.com/technet/security/bulletin/MS10-087.mspx

Affected Products
  • Microsoft Office 2003
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2007
  • Microsoft Office 2008 for Mac
  • Microsoft Office 2010
  • Microsoft Office 2011 for Mac
  • Microsoft Office Open XML File Format Converter for Mac
  • Microsoft Office XP
CVSS Score Base 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):
  • Access vector is NETWORK
  • Access complexity is MEDIUM
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is PARTIAL
  • Impact of this vulnerability on data integrity is PARTIAL
  • Impact of this vulnerability on data availability is PARTIAL
Temporal 5.3 (E:POC/RL:OF/RC:C):
  • The exploitability level of this vulnerability is PROOF OF CONCEPT
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
Identifiers
BID
Microsoft Security Bulletin
OSVDB
References http://www.exploit-db.com/exploits/18334/
Related Threats TSL20160303-02 - Trojan.Win32.Drover.A
TSL20150310-01 - Backdoor.Win32.Kaolxif.A
TSL20131016-02 - Trojan-Downloader.Win32.Egobot.B
TSL20131008-01 - Worm.Win32.Ovnavart.A
TSL20131003-08 - Backdoor.Win32.Dampt.A
TSL20130214-02 - Trojan-Downloader.Win32.Layvam.A
TSL20130114-08 - Backdoor.Win32.Rocra.A
TSL20120315-05 - Trojan.Win32.Marade.AA
TSL20120315-03 - Trojan-Downloader.Win32.Kongger.A
TSL20110908-01 - Trojan.Win32.Sofacy.A