Lucene search

K

[email protected]NVD:CVE-2011-0105

HistoryApr 13, 2011 - 6:55 p.m.

CVE-2011-0105

2011-04-1318:55:01

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.968

Percentile

99.7%

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka “Excel Data Initialization Vulnerability.”

Affected configurations

NVD

Node

microsoftexcelMatch2002sp3

OR

microsoftofficeMatch2004mac

OR

microsoftofficeMatch2008mac

OR

microsoftopen_xml_file_format_convertermac

References

secunia.com/advisories/39122

www.securitytracker.com/id?1025337

www.us-cert.gov/cas/techalerts/TA11-102A.html

www.vupen.com/english/advisories/2011/0940

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12618

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.968

Percentile

99.7%

Related for NVD:CVE-2011-0105

zdi1 packetstorm1 cve1 securityvulns3 metasploit1 saint4 prion1 seebug2 cvelist1 checkpoint_advisories1 exploitdb1 openvas2 nessus2