Excel Improper Record Parsing in Microsoft Products
CVE-2011-1273

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 16 June 2011

Summary

This vulnerability affects several versions of Microsoft Excel and associated Office products by failing to properly validate record information when parsing Excel spreadsheets. An attacker can exploit this weakness by crafting a malicious spreadsheet, leading to arbitrary code execution or causing memory corruption, which can result in a denial of service. Users are advised to apply necessary patches to mitigate risks associated with this vulnerability.

References

http://osvdb.org/72921

vdb-entryx_refsource_OSVDB

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/44931/

third-party-advisoryx_refsource_SECUNIA

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 16, 2011
Vulnerability Reserved
Mar 4, 2011