Excel Buffer Overwrite Vulnerability in Microsoft Office Products
CVE-2011-0104
Key Information:
- Vendor
- Microsoft
- Vendor
- CVE Published:
- 13 April 2011
Badges
Summary
A buffer overwrite vulnerability exists in Microsoft Excel and related Office products that could allow remote attackers to execute arbitrary code or disrupt service. This vulnerability arises when a specially crafted HLink record is processed within an Excel file, potentially leading to memory corruption. Attackers can exploit this flaw to manipulate the affected software, leading to unauthorized actions on devices utilizing these versions of Office products.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
77% chance of being exploited in the next 30 days.
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved