CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.3%
Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka βArray Indexing Memory Corruption Vulnerability.β
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | office | 2004 | cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:* |
microsoft | office | 2008 | cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:* |
microsoft | office | xp | cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:* |
microsoft | office_compatibility_pack_for_word_excel_ppt_2007 | * | cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp1:*:*:*:*:*:* |
microsoft | office_compatibility_pack_for_word_excel_ppt_2007 | * | cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp2:*:*:*:*:*:* |
microsoft | office_excel | 2000 | cpe:2.3:a:microsoft:office_excel:2000:sp3:*:*:*:*:*:* |
microsoft | office_excel | 2003 | cpe:2.3:a:microsoft:office_excel:2003:sp3:*:*:*:*:*:* |
microsoft | office_excel | 2007 | cpe:2.3:a:microsoft:office_excel:2007:sp1:*:*:*:*:*:* |
microsoft | office_excel | 2007 | cpe:2.3:a:microsoft:office_excel:2007:sp2:*:*:*:*:*:* |
microsoft | office_excel_viewer | * | cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:* |
osvdb.org/54954
secunia.com/secunia_research/2009-1/
www.securityfocus.com/archive/1/504188/100/0/threaded
www.securityfocus.com/bid/35242
www.securitytracker.com/id?1022351
www.us-cert.gov/cas/techalerts/TA09-160A.html
www.vupen.com/english/advisories/2009/1540
docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11525