9.3
CVE-2012-0185
- EPSS 24.63%
- Veröffentlicht 09.05.2012 00:55:01
- Zuletzt bearbeitet 16.06.2026 23:36:51
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers incorrect handling of memory during opening, aka "Excel MergeCells Record Heap Overflow Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Office Compatibility Pack Updatesp2
Microsoft ≫ Office Compatibility Pack Updatesp3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 24.63% | 0.976 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.us-cert.gov/cas/techalerts/TA12-129A.html
http://secunia.com/advisories/49112
http://www.securitytracker.com/id?1027041
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030
https://exchange.xforce.ibmcloud.com/vulnerabilities/75118
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14738