CVE-2011-0103

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability."

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=901
http://osvdb.org/71760
http://secunia.com/advisories/39122
http://www.securityfocus.com/bid/47244
http://www.securitytracker.com/id?1025337
http://www.us-cert.gov/cas/techalerts/TA11-102A.html	US Government Resource
http://www.vupen.com/english/advisories/2011/0940
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12616
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=901
http://osvdb.org/71760
http://secunia.com/advisories/39122
http://www.securityfocus.com/bid/47244
http://www.securitytracker.com/id?1025337
http://www.us-cert.gov/cas/techalerts/TA11-102A.html	US Government Resource
http://www.vupen.com/english/advisories/2011/0940
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12616

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:excel:2002:sp3::::::
	cpe:2.3:a:microsoft:excel:2003:sp3::::::
	cpe:2.3:a:microsoft:office:2004::mac:::::
	cpe:2.3:a:microsoft:office:2008::mac:::::
	cpe:2.3:a:microsoft:open_xml_file_format_converter:::mac:::::*

History

21 Nov 2024, 01:23

Type	Values Removed	Values Added
References	~~() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=901 -~~	() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=901 -
References	~~() http://osvdb.org/71760 -~~	() http://osvdb.org/71760 -
References	~~() http://secunia.com/advisories/39122 -~~	() http://secunia.com/advisories/39122 -
References	~~() http://www.securityfocus.com/bid/47244 -~~	() http://www.securityfocus.com/bid/47244 -
References	~~() http://www.securitytracker.com/id?1025337 -~~	() http://www.securitytracker.com/id?1025337 -
References	~~() http://www.us-cert.gov/cas/techalerts/TA11-102A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA11-102A.html - US Government Resource
References	~~() http://www.vupen.com/english/advisories/2011/0940 -~~	() http://www.vupen.com/english/advisories/2011/0940 -
References	~~() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021 -~~	() https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12616 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12616 -

Information

Published : 2011-04-13 18:55

Updated : 2024-11-21 01:23

NVD link : CVE-2011-0103

Mitre link : CVE-2011-0103

CVE.ORG link : CVE-2011-0103

JSON object : View

Products Affected

microsoft

open_xml_file_format_converter
excel
office

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

9.3 /10