CVE-2010-1245

HIGH

Description

Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821.

References

http://www.securityfocus.com/archive/1/511753/100/0/threaded

http://www.us-cert.gov/cas/techalerts/TA10-159B.html

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6877

Details

Source: MITRE

Published: 2010-06-08

Updated: 2018-10-12

Type: CWE-94

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
50066MS10-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2027452) (Mac OS X)NessusMacOS X Local Security Checks
high
46845MS10-038: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)NessusWindows : Microsoft Bulletins
high