CVE-2011-0103

HIGH

Description

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability."

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=901

http://osvdb.org/71760

http://secunia.com/advisories/39122

http://www.securityfocus.com/bid/47244

http://www.securitytracker.com/id?1025337

http://www.us-cert.gov/cas/techalerts/TA11-102A.html

http://www.vupen.com/english/advisories/2011/0940

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12616

Details

Source: MITRE

Published: 2011-04-13

Updated: 2018-10-12

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
53378MS11-021: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)NessusWindows : Microsoft Bulletins
high
53374MS11-021 / MS11-022 / MS11-023: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489279 / 2489283 / 2489293) (Mac OS X)NessusMacOS X Local Security Checks
high