| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 9.5 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Microsoft Excel 2002/2003/2007. It has been classified as critical. Affected by this issue is some unknown functionality of the component Array Access. This manipulation causes memory corruption. This vulnerability is registered as CVE-2011-1274. No exploit is available. Applying a patch is the recommended action to fix this issue.
Details
A vulnerability has been found in Microsoft Excel 2002/2003/2007 (Spreadsheet Software) and classified as very critical. Affected by this vulnerability is an unknown code block of the component Array Access. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability."
The weakness was published 06/16/2011 by iDefense Labs with VeriSign iDefense Labs as MS11-045 as confirmed bulletin (Technet). The advisory is shared at microsoft.com. This vulnerability is known as CVE-2011-1274 since 03/04/2011. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 11/09/2021).
The vulnerability scanner Nessus provides a plugin with the ID 55135 (MS11-036 / MS11-045: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2545814 / 2537146) (Mac OS X)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family MacOS X Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 118896 (Microsoft Excel Could Allow Remote Code Execution (MS11-045)).
Applying the patch MS11-045 is able to eliminate this problem. The bugfix is ready for download at microsoft.com. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 11334.
The vulnerability is also documented in the databases at Tenable (55135), SecurityFocus (BID 48159†) and Vulnerability Center (SBV-31794†). Similar entries are available at VDB-4348, VDB-4349, VDB-4369 and VDB-57690. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.microsoft.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 10.0VulDB Meta Temp Score: 9.5
VulDB Base Score: 10.0
VulDB Temp Score: 9.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 55135
Nessus Name: MS11-036 / MS11-045: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2545814 / 2537146) (Mac OS X)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 902378
OpenVAS Name: Microsoft Office Excel Remote Code Execution Vulnerabilities (2537146)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
0-Day Time: 🔍
Patch: MS11-045
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
ISS Proventia IPS: 🔍
PaloAlto IPS: 🔍
Fortigate IPS: 🔍
Timeline
03/04/2011 🔍06/14/2011 🔍
06/14/2011 🔍
06/15/2011 🔍
06/16/2011 🔍
06/16/2011 🔍
03/23/2015 🔍
11/09/2021 🔍
Sources
Vendor: microsoft.comAdvisory: MS11-045
Researcher: iDefense Labs
Organization: VeriSign iDefense Labs
Status: Confirmed
CVE: CVE-2011-1274 (🔍)
GCVE (CVE): GCVE-0-2011-1274
GCVE (VulDB): GCVE-100-57685
OVAL: 🔍
IAVM: 🔍
SecurityFocus: 48159 - Microsoft Excel Array Out Of Bounds Access CVE-2011-1274 Remote Code Execution Vulnerability
Vulnerability Center: 31794 - [MS11-045] Microsoft Excel Out of Bounds Array Access Vulnerability Allows Remote Code Execution, Medium
See also: 🔍
Entry
Created: 03/23/2015 16:50Updated: 11/09/2021 00:13
Changes: 03/23/2015 16:50 (72), 03/24/2017 07:57 (13), 11/09/2021 00:13 (2)
Complete: 🔍
Cache ID: 216:642:103
No comments yet. Languages: en.
Please log in to comment.