Heap Corruption in Microsoft Excel Products
CVE-2011-1988

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 15 September 2011

What is CVE-2011-1988?

A vulnerability exists in multiple versions of Microsoft Excel, including both Windows and Mac editions. This flaw stems from improper parsing of records in Excel spreadsheets, leading to heap corruption. An attacker can craft a malicious spreadsheet that exploits this vulnerability, enabling remote code execution. Users opening the compromised file may inadvertently execute harmful code, which could compromise their system's integrity and security.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA11-256A.html

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

58% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 15, 2011
Vulnerability Reserved
May 9, 2011