Oval Definition:	oval:org.mitre.oval:def:12439
Revision Date: 2014-06-30 Version: 21 Title: Excel Array Indexing Vulnerability Description: Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-0978 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Office Compatibility Pack Microsoft Office Excel Viewer Definition Synopsis Vulnerable Excel 2002 Microsoft Excel 2002 is installed AND Excel.exe version is less than 10.0.6869.0 OR Vulnerable Excel 2003 Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8332.0 OR Vulnerable Excel 2007 Microsoft Excel 2007 is installed AND Excel.exe version is less than 12.0.6550.5004 OR Vulnerable Excel Viewer 2007 Microsoft Excel Viewer 2007 is installed AND Xlview.exe version is less than 12.0.6550.5004 OR Vulnerable Compatibility Pack, Office 2007 Compatibility Pack or Office 2007 Microsoft Office Compatibility Pack is installed OR Microsoft Office 2007 is installed AND Excelcnv.exe version is less than 12.0.6550.5004
BACK