This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through Microsoft
The remote Mac OS X host is running a version of Microsoft Office that
is affected by the following vulnerabilities :
- A memory corruption vulnerability could be triggered
when parsing specially crafted RTF-formatted data.
- Several memory corruption vulnerabilities could be
triggered when reading a specially crafted Excel file.
(CVE-2012-0141 / CVE-2012-0142 / CVE-2012-0143 /
- A record parsing mismatch exists when opening a
specially crafted Excel file. (CVE-2012-1847)
If a remote attacker can trick a user into opening a malicious file
using the affected install, these vulnerabilities could be leveraged
to execute arbitrary code subject to the user's privileges.
See also :
Microsoft has released patches for Office for Mac 2011 and Office 2008
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 59046 ()
Bugtraq ID: 533425334453373533745337553379
CVE ID: CVE-2012-0141CVE-2012-0142CVE-2012-0143CVE-2012-0183CVE-2012-0184CVE-2012-1847
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.