MS12-051: Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015) (Mac OS X)

Medium Nessus Plugin ID 59914


An application installed on the remote Mac OS X host is affected by an elevation of privilege vulnerability.


The remote Mac OS X host is running a version of Microsoft Office for Mac that is affected by a privilege escalation vulnerability in the way that folder permissions are set in certain installations. If an attacker places a malicious executable in the Office 2011 folder and lures a user into logging in and running that executable, he could cause arbitrary code to be executed in the context of that user.

Note that this issue is primarily a risk on shared workstations, such as in a library or an Internet cafe.


Microsoft has released a patch for Office for Mac 2011.

See Also

Plugin Details

Severity: Medium

ID: 59914

File Name: macosx_ms12-051.nasl

Version: 1.8

Type: local

Agent: macosx

Published: 2012/07/11

Modified: 2017/08/30

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.4

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:office:2011::mac

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/07/10

Vulnerability Publication Date: 2012/07/10

Reference Information

CVE: CVE-2012-1894

BID: 54361

OSVDB: 83654

MSFT: MS12-051

MSKB: 2721015