Excel Out of Bounds Array Access Vulnerability in Microsoft Office Products
CVE-2011-1274

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 16 June 2011

Summary

The vulnerability affects several versions of Microsoft Excel and associated products, where improper validation of record information during the parsing of Excel spreadsheets can lead to remote code execution or service disruption. An attacker could exploit this weakness through the use of specially crafted spreadsheets, allowing them to execute arbitrary code on the affected systems. This poses a significant risk to users who open these files.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 16, 2011
Vulnerability Reserved
Mar 4, 2011