CVE-2010-0263 in Officeinfo

Summary

Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers during decompression of Open XML (.XLSX) documents, which allows remote attackers to execute arbitrary code via a crafted document that triggers access to uninitialized memory locations, aka "Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability."

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/07/2010

Disclosure

03/10/2010

Moderation

VulDB entry created

Entries

VDB-52148 (1)

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

10.0

EPSS

0.54855

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-0263
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-0263
CVE Details	https://www.cvedetails.com/cve/CVE-2010-0263/

◂ Previous Overview Next ▸