CVE-2011-1277
Summary
| CVE | CVE-2011-1277 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-06-16 20:55:00 UTC |
| Updated | 2018-10-12 22:00:00 UTC |
| Description | Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Excel | 2002 | sp3 | All | All |
| Application | Microsoft | Excel | 2002 | sp3 | All | All |
| Application | Microsoft | Office | 2008 | All | mac | All |
| Application | Microsoft | Office | 2008 | All | mac | All |
| Application | Microsoft | Open Xml File Format Converter | All | All | mac | All |
| Application | Microsoft | Open Xml File Format Converter | All | All | mac | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Security Bulletin MS11-045 - Important | Microsoft Docs | MS | docs.microsoft.com | |
| Microsoft Excel Memory Corruption CVE-2011-1277 Remote Code Execution Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.