CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1900

Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.447

EPSS Ranking 97.4%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2010-1900

Microsoft » Office » Version: 2004

cpe:2.3:a:microsoft:office:2004
Microsoft » Office » Version: 2008

cpe:2.3:a:microsoft:office:2008
Microsoft » Office Compatibility Pack » Version: 2007

cpe:2.3:a:microsoft:office_compatibility_pack:2007
Microsoft » Office Word Viewer » Version: N/A

cpe:2.3:a:microsoft:office_word_viewer:-
Microsoft » Office Word Viewer » Version: 2003

cpe:2.3:a:microsoft:office_word_viewer:2003
Microsoft » Open Xml File Format Converter » Version: N/A

cpe:2.3:a:microsoft:open_xml_file_format_converter:-
Microsoft » Word » Version: 2002

cpe:2.3:a:microsoft:word:2002
Microsoft » Word » Version: 2003

cpe:2.3:a:microsoft:word:2003
Microsoft » Word » Version: 2007

cpe:2.3:a:microsoft:word:2007
Microsoft » Works » Version: 9.0

cpe:2.3:a:microsoft:works:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1900

Products

Pricing

Contact Us