Lucene search
HistoryOct 13, 2010 - 7:00 p.m.
CVE-2010-3237
cve-2010-3237
microsoft excel
office 2004
mac
record validation
remote code execution
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.895 High
EPSS
Percentile
98.8%
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka “Merge Cell Record Pointer Vulnerability.”
Affected configurations
Node
microsoftexcelMatch2002sp3
ORmicrosoftofficeMatch2004mac
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:excel | microsoft excel | eq | 2002 |
| microsoft:office | microsoft office | eq | 2004 |
Related
checkpoint_advisories
checkpoint_advisories
symantec
symantec
cvelist
cvelist
CVE-2010-3237
2010-10-13 18:00:00
prion
prion
Null pointer dereference
2010-10-13 19:00:00
nvd
nvd
CVE-2010-3237
2010-10-13 19:00:45
securityvulns
securityvulns
VUPEN Security Research - Microsoft Office Excel Merge Cell Record Invalid Pointer Vulnerability (CVE-2010-3237)
2010-10-16 00:00:00
Microsoft Security Bulletin MS10-080 - Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
2010-10-13 00:00:00
Microsoft Office security vulnerabilities
2010-10-16 00:00:00
nessus
nessus
openvas
openvas
Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
2010-10-13 00:00:00
Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
2010-10-13 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.895 High
EPSS
Percentile
98.8%
Related for CVE-2010-3237