Excel Parsing Vulnerability in Microsoft Office Products
CVE-2010-0258

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Open Xml File Format Converter
Office
Office Excel Viewer
Office Sharepoint Server
Vendor
CVE Published:
10 March 2010

What is CVE-2010-0258?

Multiple versions of Microsoft Office Excel are susceptible to an object type confusion vulnerability that arises from improper parsing of Excel file formats. This flaw can be exploited by malicious attackers, allowing them to craft specifically tailored spreadsheets that, when opened, may cause the software to misinterpret memory objects. Consequently, this could enable the execution of arbitrary code on the victim's machine, highlighting significant risks particularly for users with outdated versions of Office.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...
third-party-advisoryx_refsource_IDEFENSE
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

71% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.