cvelistv5 - CVE-2010-1901

CVE-2010-1901 (GCVE-0-2010-1901)

Vulnerability from cvelistv5 – Published: 2010-08-11 18:00 – Updated: 2024-08-07 02:17

Summary

Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka "Word RTF Parsing Engine Memory Corruption Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	http://www.us-cert.gov/cas/techalerts/TA10-222A.html	third-party-advisoryx_refsource_CERT
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:17:13.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA10-222A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
          },
          {
            "name": "MS10-056",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
          },
          {
            "name": "oval:org.mitre.oval:def:11612",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "TA10-222A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
        },
        {
          "name": "MS10-056",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
        },
        {
          "name": "oval:org.mitre.oval:def:11612",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2010-1901",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA10-222A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
            },
            {
              "name": "MS10-056",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
            },
            {
              "name": "oval:org.mitre.oval:def:11612",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2010-1901",
    "datePublished": "2010-08-11T18:00:00",
    "dateReserved": "2010-05-11T00:00:00",
    "dateUpdated": "2024-08-07T02:17:13.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"F02894C4-57A7-45FE-B9D2-1A0EE3ABA455\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F8E09E-E7F7-4D86-B140-3933EDC54E1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"262BC12C-246A-41AB-A08D-3D205156F074\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*\", \"matchCriteriaId\": \"9409A9BD-1E9B-49B8-884F-8FE569D8AA25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*\", \"matchCriteriaId\": \"5BA91840-371C-4282-9F7F-B393F785D260\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*\", \"matchCriteriaId\": \"3807A4E4-EB58-47B6-AD98-6ED464DEBA4E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4B44889-AEEB-4713-A047-C27B802DB257\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E647A7B3-7A92-4584-BDA7-81752FF59411\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \\\"Word RTF Parsing Engine Memory Corruption Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"Microsoft Office Word 2002 SP3, 2003 SP3, y 2007 SP2; Microsoft Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Office Word Viewer; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2, no manejan adecuadamente propiedades sin especificar datos de texto enriquecido, lo que permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n o provocar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria) a trav\\u00e9s de un documento RTF manipulado. Tambi\\u00e9n conocido como \\\"Word RTF Parsing Engine Memory Corruption Vulnerability.\\\"\"}]",
      "id": "CVE-2010-1901",
      "lastModified": "2024-11-21T01:15:25.550",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2010-08-11T18:47:50.313",
      "references": "[{\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-1901\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2010-08-11T18:47:50.313\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \\\"Word RTF Parsing Engine Memory Corruption Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Microsoft Office Word 2002 SP3, 2003 SP3, y 2007 SP2; Microsoft Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Office Word Viewer; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2, no manejan adecuadamente propiedades sin especificar datos de texto enriquecido, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un documento RTF manipulado. Tambi\u00e9n conocido como \\\"Word RTF Parsing Engine Memory Corruption Vulnerability.\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02894C4-57A7-45FE-B9D2-1A0EE3ABA455\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F8E09E-E7F7-4D86-B140-3933EDC54E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"262BC12C-246A-41AB-A08D-3D205156F074\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*\",\"matchCriteriaId\":\"9409A9BD-1E9B-49B8-884F-8FE569D8AA25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*\",\"matchCriteriaId\":\"5BA91840-371C-4282-9F7F-B393F785D260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*\",\"matchCriteriaId\":\"3807A4E4-EB58-47B6-AD98-6ED464DEBA4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B44889-AEEB-4713-A047-C27B802DB257\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E647A7B3-7A92-4584-BDA7-81752FF59411\"}]}]}],\"references\":[{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-222A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2010-AVI-372

Vulnerability from certfr_avis - Published: - Updated:

Quatre vulnérabilités permettant de l'exécution de code arbitraire à distance ont été découvertes dans Microsoft Word.

Description

Quatre vulnérabilités ont été découvertes dans Microsoft Word :

une erreur dans le module de traitement des enregistrements dans un fichier Word permet l'exécution de code arbitraire à distance par le biais d'un document Word spécialement conçu ;
deux erreurs distinctes dans le module de traitement des fichiers RTF permettent l'exécution de code arbitraire à distance ;
une erreur dans le module de traitement des objets liés HTML dans un fichier Word permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Office	Convertisseur de formats de fichier Open XML pour Mac ;
Microsoft	Office	Microsoft Office Word 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office Word 2002 Service Pack 3 ;
Microsoft	Office	Microsoft Works 9.
Microsoft	Office	Microsoft Office Word 2004 pour Mac ;
Microsoft	Office	Microsoft Office Word 2007 Service Pack 2 ;
Microsoft	Office	Microsoft Office Word Viewer ;
Microsoft	Office	Pack de compatibilité Office pour les formats de fichier Word, Excel et PowerPoint 2007 Service Pack 2 ;
Microsoft	Office	Microsoft Office Word 2008 pour Mac ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS10-056 du 10 août 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Convertisseur de formats de fichier Open XML pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2002 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Works 9.",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2004 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2007 Service Pack 2 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word Viewer ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Pack de compatibilit\u00e9 Office pour les formats de fichier Word, Excel et PowerPoint 2007 Service Pack 2 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2008 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nQuatre vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Word :\n\n-   une erreur dans le module de traitement des enregistrements dans un\n    fichier Word permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance par le\n    biais d\u0027un document Word sp\u00e9cialement con\u00e7u ;\n-   deux erreurs distinctes dans le module de traitement des fichiers\n    RTF permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance ;\n-   une erreur dans le module de traitement des objets li\u00e9s HTML dans un\n    fichier Word permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-1900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1900"
    },
    {
      "name": "CVE-2010-1902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1902"
    },
    {
      "name": "CVE-2010-1901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1901"
    },
    {
      "name": "CVE-2010-1903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1903"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-372",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Quatre vuln\u00e9rabilit\u00e9s permettant de l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Word.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Office Word",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS10-056 du 10 ao\u00fbt 2010",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS10-056.mspx"
    }
  ]
}

CERTA-2010-AVI-372

Vulnerability from certfr_avis - Published: - Updated:

Quatre vulnérabilités permettant de l'exécution de code arbitraire à distance ont été découvertes dans Microsoft Word.

Description

Quatre vulnérabilités ont été découvertes dans Microsoft Word :

une erreur dans le module de traitement des enregistrements dans un fichier Word permet l'exécution de code arbitraire à distance par le biais d'un document Word spécialement conçu ;
deux erreurs distinctes dans le module de traitement des fichiers RTF permettent l'exécution de code arbitraire à distance ;
une erreur dans le module de traitement des objets liés HTML dans un fichier Word permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Office	Convertisseur de formats de fichier Open XML pour Mac ;
Microsoft	Office	Microsoft Office Word 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office Word 2002 Service Pack 3 ;
Microsoft	Office	Microsoft Works 9.
Microsoft	Office	Microsoft Office Word 2004 pour Mac ;
Microsoft	Office	Microsoft Office Word 2007 Service Pack 2 ;
Microsoft	Office	Microsoft Office Word Viewer ;
Microsoft	Office	Pack de compatibilité Office pour les formats de fichier Word, Excel et PowerPoint 2007 Service Pack 2 ;
Microsoft	Office	Microsoft Office Word 2008 pour Mac ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS10-056 du 10 août 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Convertisseur de formats de fichier Open XML pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2002 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Works 9.",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2004 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2007 Service Pack 2 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word Viewer ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Pack de compatibilit\u00e9 Office pour les formats de fichier Word, Excel et PowerPoint 2007 Service Pack 2 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Word 2008 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nQuatre vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Word :\n\n-   une erreur dans le module de traitement des enregistrements dans un\n    fichier Word permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance par le\n    biais d\u0027un document Word sp\u00e9cialement con\u00e7u ;\n-   deux erreurs distinctes dans le module de traitement des fichiers\n    RTF permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance ;\n-   une erreur dans le module de traitement des objets li\u00e9s HTML dans un\n    fichier Word permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-1900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1900"
    },
    {
      "name": "CVE-2010-1902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1902"
    },
    {
      "name": "CVE-2010-1901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1901"
    },
    {
      "name": "CVE-2010-1903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1903"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-372",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Quatre vuln\u00e9rabilit\u00e9s permettant de l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Word.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Office Word",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS10-056 du 10 ao\u00fbt 2010",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS10-056.mspx"
    }
  ]
}

GHSA-59XC-R9VV-8CGV

Vulnerability from github – Published: 2022-05-14 02:36 – Updated: 2022-05-14 02:36

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-1901"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-08-11T18:47:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\"",
  "id": "GHSA-59xc-r9vv-8cgv",
  "modified": "2022-05-14T02:36:46Z",
  "published": "2022-05-14T02:36:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1901"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2010-1901

Vulnerability from fkie_nvd - Published: 2010-08-11 18:47 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA10-222A.html	US Government Resource
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA10-222A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612

Impacted products

Vendor	Product	Version
microsoft	word	2002
microsoft	word	2003
microsoft	word	2007
microsoft	office	2004
microsoft	office	2008
microsoft	open_xml_file_format_converter	*
microsoft	office_compatibility_pack	2007
microsoft	office_word_viewer	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "F02894C4-57A7-45FE-B9D2-1A0EE3ABA455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "80F8E09E-E7F7-4D86-B140-3933EDC54E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "262BC12C-246A-41AB-A08D-3D205156F074",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*",
              "matchCriteriaId": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
              "matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*",
              "matchCriteriaId": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E647A7B3-7A92-4584-BDA7-81752FF59411",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Microsoft Office Word 2002 SP3, 2003 SP3, y 2007 SP2; Microsoft Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Office Word Viewer; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2, no manejan adecuadamente propiedades sin especificar datos de texto enriquecido, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un documento RTF manipulado. Tambi\u00e9n conocido como \"Word RTF Parsing Engine Memory Corruption Vulnerability.\""
    }
  ],
  "id": "CVE-2010-1901",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-08-11T18:47:50.313",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2010-1901

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-1901

Aliases

CVE-2010-1901

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-1901",
    "description": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\"",
    "id": "GSD-2010-1901"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-1901"
      ],
      "details": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\"",
      "id": "GSD-2010-1901",
      "modified": "2023-12-13T01:21:32.537158Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2010-1901",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "TA10-222A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
          },
          {
            "name": "MS10-056",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
          },
          {
            "name": "oval:org.mitre.oval:def:11612",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:word:2007:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:word:2002:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_word_viewer:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2010-1901"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka \"Word RTF Parsing Engine Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA10-222A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11612",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11612"
            },
            {
              "name": "MS10-056",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-056"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-12T21:57Z",
      "publishedDate": "2010-08-11T18:47Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-1901 (GCVE-0-2010-1901)

CERTA-2010-AVI-372

Description

Solution

CERTA-2010-AVI-372

Description

Solution

GHSA-59XC-R9VV-8CGV

FKIE_CVE-2010-1901

GSD-2010-1901

Tags

Sightings

Nomenclature