Lucene search

[email protected]CVE-2011-1278

HistoryJun 16, 2011 - 8:55 p.m.

CVE-2011-1278

2011-06-1620:55:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-1278

microsoft

excel

office 2004 for mac

parsing

remote attackers

arbitrary code

denial of service

memory corruption

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.931 High

EPSS

Percentile

99.1%

JSON

Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka “Excel WriteAV Vulnerability.”

Affected configurations

NVD

Node

microsoftexcelMatch2002sp3

microsoftofficeMatch2004mac

CPENameOperatorVersion
microsoft:excelmicrosoft exceleq2002
microsoft:officemicrosoft officeeq2004

CPE	Name	Operator	Version
microsoft:excel	microsoft excel	eq	2002
microsoft:office	microsoft office	eq	2004

References

www.securityfocus.com/bid/48163

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045

exchange.xforce.ibmcloud.com/vulnerabilities/67716

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12687

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.931 High

EPSS

Percentile

99.1%

JSON

Related for CVE-2011-1278

cvelist1 checkpoint_advisories1 prion1 nvd1 symantec1 nessus2 mskb1 seebug1 openvas2 securityvulns1