Excel Vulnerability in Microsoft Office Products Leading to Code Execution
CVE-2011-0980

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel
Vendor: CVE Published:; 10 February 2011

Summary

The vulnerability in Microsoft Excel arises from improper handling of Office Art objects, potentially enabling remote attackers to exploit this flaw. By manipulating function pointers, attackers can execute arbitrary code, placing users' systems at significant risk. This issue affects multiple versions of Microsoft Excel, including older variants and Mac products, underscoring the importance of keeping software updated to mitigate such vulnerabilities.

References

http://zerodayinitiative.com/advisories/ZDI-11-040/

x_refsource_MISC

http://www.us-cert.gov/cas/techalerts/TA11-102A.html

third-party-advisoryx_refsource_CERT

http://secunia.com/advisories/39122

third-party-advisoryx_refsource_SECUNIA

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 10, 2011
Vulnerability Reserved
Feb 10, 2011