CVE-2011-0980

Description

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12018

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021

http://zerodayinitiative.com/advisories/ZDI-11-040/

http://www.vupen.com/english/advisories/2011/0940

http://www.us-cert.gov/cas/techalerts/TA11-102A.html

http://www.securitytracker.com/id?1025337

http://secunia.com/advisories/43210

http://secunia.com/advisories/39122

http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3