9.3
CVE-2011-1990
- EPSS 58.63%
- Veröffentlicht 15.09.2011 12:26:48
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secure@microsoft.com
- Teams Watchlist Login
- Unerledigt Login
Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an unspecified array index, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Excel Viewer Updatesp2
Microsoft ≫ Office Compatibility Pack Version2007 Updatesp2
Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx32
Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 58.63% | 0.98 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.