Vulnerability Details CVE-2010-1254
The installation for Microsoft Open XML File Format Converter for Mac sets insecure ACLs for the /Applications folder, which allows local users to execute arbitrary code by replacing the executable with a Trojan Horse, aka "Mac Office Open XML Permissions Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.2%
CVSS Severity
CVSS v2 Score 6.9
References
- http://www.securityfocus.com/bid/40533
- http://www.us-cert.gov/cas/techalerts/TA10-159B.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038
- http://www.securityfocus.com/bid/40533
- http://www.us-cert.gov/cas/techalerts/TA10-159B.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038
Products affected by CVE-2010-1254
-
cpe:2.3:a:microsoft:open_xml_file_format_converter:-