Oval Definition:	oval:org.mitre.oval:def:12836
Revision Date: 2014-06-30 Version: 19 Title: Excel Heap Corruption Vulnerability Description: Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Heap Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-1988 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Compatibility Pack Microsoft Office Excel Viewer Definition Synopsis Vulnerable Excel 2003 (KB2553072) Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8341.0 OR Vulnerable Excel 2007 (KB2553073) Microsoft Excel 2007 is installed AND Excel.exe version is less than 12.0.6565.5003 OR Microsoft Office 2007 (KB2553089) Microsoft Office 2007 is installed AND Oart.dll version is less than 12.0.6565.5000 OR Microsoft Office 2007 (KB2553090) Microsoft Office 2007 is installed AND Oartconv.dll version is less than 12.0.6565.5000 OR Excel Viewer (KB2553075) Microsoft Excel Viewer 2007 is installed AND Xlview.exe is less than 12.0.6565.5000 OR Vulnerable Compatibility Pack, Office 2007 (KB2553074) Compatibility Pack or Office 2007 Microsoft Office Compatibility Pack is installed OR Microsoft Office 2007 is installed AND Excelcnv.exe version is less than 12.0.6565.5003
BACK