CVE-2010-0264

Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_excel_viewer:*:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_excel_viewer:*:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x32:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x64:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x32:*:*:*:*:*
cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x64:*:*:*:*:*
cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*

History

21 Nov 2024, 01:11

Type Values Removed Values Added
References () http://www.securitytracker.com/id?1023698 - () http://www.securitytracker.com/id?1023698 -
References () http://www.us-cert.gov/cas/techalerts/TA10-068A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA10-068A.html - US Government Resource
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7888 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7888 -

Information

Published : 2010-03-10 22:30

Updated : 2024-11-21 01:11


NVD link : CVE-2010-0264

Mitre link : CVE-2010-0264

CVE.ORG link : CVE-2010-0264


JSON object : View

Products Affected

microsoft

  • office_excel_viewer
  • open_xml_file_format_converter
  • office_compatibility_pack
  • office_sharepoint_server
  • excel
  • office
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')