Microsoft Office (MSO) Remote Code Execution Vulnerability (978214) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS10-003.

Impact

Successful exploitation could allow attackers to execute arbitrary code. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx

Insight

An unspecified issue exists in Mso.dll while handling specially crafted office files causing remote code execution.

Affected

Microsoft Office XP 3 and prior

References

http://support.microsoft.com/kb/977896
http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx
http://www.vupen.com/english/advisories/2010/0336

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0243

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Foundation Classes Could Allow Remote Code Execution Vulnerability (2387149)
Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)
Microsoft Active Directory Denial of Service Vulnerability (953235)
Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerability (970710)
Cumulative Security Update for Internet Explorer (953838)

Take action and discover your vulnerabilities