CVE-2010-2572
CVE-2010-2572
In short
A flaw in older versions of Microsoft PowerPoint allows attackers to crash the program or run malicious code by sending a specially crafted PowerPoint file. When you open the file, the vulnerability is triggered automatically.
Technical detail
Buffer overflow in PowerPoint 2002 SP3 and 2003 SP3 parsing of legacy PowerPoint 95 format files enables remote code execution. The attack vector is a malicious document file; no user interaction beyond opening the file is required for exploitation. The vulnerability results in arbitrary code execution with user privileges.
Summary generated and translated by AI from the official description.
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12195https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2572http://www.us-cert.gov/cas/techalerts/TA10-313A.html