Microsoft: >> Excel Security Vulnerabilities
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability."
CVSS Score
9.3
EPSS Score
0.626
Published
2011-02-10
Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability."
CVSS Score
9.3
EPSS Score
0.587
Published
2010-10-13
Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability."
CVSS Score
9.3
EPSS Score
0.563
Published
2010-10-13
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerability."
CVSS Score
9.3
EPSS Score
0.509
Published
2010-10-13
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability."
CVSS Score
9.3
EPSS Score
0.572
Published
2010-10-13
Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability."
CVSS Score
9.3
EPSS Score
0.686
Published
2010-10-13
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.607
Published
2010-10-13
Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability."
CVSS Score
9.3
EPSS Score
0.572
Published
2010-10-13
Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability."
CVSS Score
9.3
EPSS Score
0.63
Published
2010-10-13
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.588
Published
2010-10-13