MS11-089 / MS11-094 / MS11-096 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2590602 / 2639142 / 2640241) (Mac OS X)

high Nessus Plugin ID 57286


An application installed on the remote Mac OS X host is affected by multiple remote code execution vulnerabilities.


The remote Mac OS X host is running a version of Microsoft Office that is affected by the following vulnerabilities:

- A use-after-free vulnerability could be triggered when reading a specially crafted Word file. (CVE-2011-1983)

- A memory corruption vulnerability could be triggered when reading a specially crafted Excel file.

- A memory corruption vulnerability could be triggered when reading an invalid record in a specially crafted PowerPoint file. (CVE-2011-3413)

If a remote attacker can trick a user into opening a malicious file using the affected install, these vulnerabilities could be leveraged to execute arbitrary code subject to the user's privileges.


Microsoft has released a patch for Office for Mac 2011, Office 2008 for Mac, and Office 2004 for Mac.

Plugin Details

Severity: High

ID: 57286

File Name: macosx_ms_office_dec2011.nasl

Version: 1.18

Type: local

Agent: macosx

Published: 12/13/2011

Updated: 7/14/2018

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Critical

Score: 9.5


Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:office:2004::mac, cpe:/a:microsoft:office:2008::mac, cpe:/a:microsoft:office:2011::mac

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/13/2011

Vulnerability Publication Date: 12/13/2011

Exploitable With

Core Impact

Reference Information

CVE: CVE-2011-1983, CVE-2011-3403, CVE-2011-3413

BID: 50954, 50956, 50964

MSFT: MS11-089, MS11-094, MS11-096

IAVA: 2011-A-0166

MSKB: 2590602, 2639142, 2640241, 2644347, 2644354, 2644358