TIFF Image Converter Heap Overflow Vulnerability (CVE-2010-3947)

  Severity: CRITICAL
  CVE Identifier: CVE-2010-3947
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Heap Overflow Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004546
  Trend Micro Deep Security DPI Rule Name: 1004546 - TIFF Image Converter Heap Overflow Vulnerability