Unrated severityNVD Advisory· Published Dec 16, 2010· Updated Apr 29, 2026

CVE-2010-3946

Description

Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability."

Affected products

Microsoft/Office2 versions
cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
Microsoft/Office Converter Pack
cpe:2.3:a:microsoft:office_converter_pack:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/cas/techalerts/TA10-348A.htmlnvdUS Government Resource
www.securitytracker.com/idnvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-105nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11967nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.054
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000