CVE-2010-3952

CVE Database · CVE-2010-3952

CVE-2010-3952

· N/AModified

CVSS v3.1

N/A

EPSS

20.83%

Published

Dec 16, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Heap Corruption Vulnerability."

Weaknesses (CWE)

CWE-119

Affected Products (2)

microsoft · officevulnerable

microsoft · office_converter_packvulnerable

References (8)

http://www.securitytracker.com/id?1024887

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-105

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12150

http://www.securitytracker.com/id?1024887

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-105

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12150

KEV Catalog EPSS Scores Vendors All CVEs