Excel Spreadsheet Parsing Flaw in Microsoft Products
CVE-2011-1272

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 16 June 2011

Summary

A vulnerability exists in several Microsoft products where improper validation of record structures during the parsing of Excel spreadsheets can be exploited by remote attackers. By creating a specially crafted spreadsheet, an attacker may execute arbitrary code on the user's system, potentially compromising sensitive data and system integrity. This flaw affects various versions of Microsoft Excel as well as related Mac applications and tools, highlighting the importance of timely security updates to mitigate risks.

References

http://www.securityfocus.com/bid/48157

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 16, 2011
Vulnerability Reserved
Mar 4, 2011