Oval Definition:	oval:org.mitre.oval:def:12595
Revision Date: 2013-09-30 Version: 11 Title: Excel Linked List Corruption Vulnerability Description: Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-0979 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2010 Microsoft Office Excel Viewer Definition Synopsis Vulnerable Excel 2002 Microsoft Excel 2002 is installed AND Excel.exe version is less than 10.0.6869.0 OR Vulnerable Excel 2003 Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8332.0 OR Vulnerable Excel 2007 Microsoft Excel 2007 is installed AND Excel.exe version is less than 12.0.6550.5004 OR Vulnerable Excel 2010 Microsoft Excel 2010 is installed AND Excel.exe version is less than 14.0.5130.5003 OR Vulnerable Excel Viewer 2007 Microsoft Excel Viewer 2007 is installed AND Xlview.exe version is less than 12.0.6550.5004
BACK