9.3
CVE-2010-0261
- EPSS 65.47%
- Veröffentlicht 10.03.2010 22:30:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secure@microsoft.com
- Teams Watchlist Login
- Unerledigt Login
Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which "a MDXSET record is broken up into several records," aka "Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Office Compatibility Pack Version2007 Updatesp1
Microsoft ≫ Office Compatibility Pack Version2007 Updatesp2
Microsoft ≫ Office Excel Viewer Updatesp1
Microsoft ≫ Office Excel Viewer Updatesp2
Microsoft ≫ Office Sharepoint Server Version2007 Updatesp1 Editionx32
Microsoft ≫ Office Sharepoint Server Version2007 Updatesp1 Editionx64
Microsoft ≫ Office Sharepoint Server Version2007 Updatesp2 Editionx32
Microsoft ≫ Office Sharepoint Server Version2007 Updatesp2 Editionx64
Microsoft ≫ Open Xml File Format Converter Editionmac
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 65.47% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.