Array Index Error in Microsoft Excel Products
CVE-2011-1987

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Open Xml File Format Converter; Excel; Excel Viewer
Vendor: CVE Published:; 15 September 2011

Summary

An array index error in various Microsoft Excel products allows remote attackers to manipulate a crafted spreadsheet to execute arbitrary code. This exploitation can occur in multiple versions of Excel, including Office 2003, 2007, and 2010, as well as on Mac versions and related compatibility packs. Attackers leverage this flaw to potentially gain control over the victim's system by enticing users to interact with maliciously crafted files.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA11-256A.html

third-party-advisoryx_refsource_CERT

EPSS Score

58% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 15, 2011
Vulnerability Reserved
May 9, 2011