TIFF Image Converter Buffer Overflow Vulnerability (CVE-2010-3949)

  Severity: CRITICAL
  CVE Identifier: CVE-2010-3949
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffer Overflow Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004543
  Trend Micro Deep Security DPI Rule Name: 1004543 - TIFF Image Converter Buffer Overflow Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Office XP
  • Microsoft Office Converter Pack