| Vulnerability Name: | CVE-2011-0103 (CCN-65585) | ||||||||
| Assigned: | 2010-12-21 | ||||||||
| Published: | 2011-04-12 | ||||||||
| Updated: | 2018-10-12 | ||||||||
| Summary: | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability." | ||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-119 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2011-0103 Source: IDEFENSE Type: UNKNOWN 20110412 Microsoft Excel Memory Corruption Vulnerability Source: OSVDB Type: UNKNOWN 71760 Source: CCN Type: SA39122 Microsoft Excel Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 39122 Source: CCN Type: Microsoft Security Bulletin MS11-096 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241) Source: CCN Type: Microsoft Security Bulletin MS13-085 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080) Source: CCN Type: Microsoft Security Bulletin MS14-083 Vulnerabilities in MicrosoftExcel Could Allow Remote Code Execution (3017347) Source: CCN Type: Microsoft Security Bulletin MS16-054 Security Update for Microsoft Office (3155544) Source: CCN Type: Microsoft Security Bulletin MS16-070 Security Update for Office (3163610) Source: CCN Type: Microsoft Security Bulletin MS16-088 Security Updates for Office (3170008) Source: CCN Type: Microsoft Security Bulletin MS16-099 Security Update for Office (3177451) Source: CCN Type: Microsoft Security Bulletin MS16-107 Security Update for Microsoft Office (3185852) Source: CCN Type: Microsoft Security Bulletin MS16-121 Security Update for Microsoft Office (3194063) Source: CCN Type: Microsoft Security Bulletin MS16-133 Security Update for Microsoft Office (3199168) Source: CCN Type: Microsoft Security Bulletin MS16-148 Security Update for Microsoft Office (3204068) Source: CCN Type: Microsoft Security Bulletin MS17-002 Security Update for Microsoft Office (3214291) Source: CCN Type: Microsoft Security Bulletin MS17-013 Security Update for Microsoft Graphics Component (4013075) Source: CCN Type: Microsoft Security Bulletin MS17-014 Security Update for Microsoft Office (4013241) Source: CCN Type: Microsoft Security Bulletin MS11-021 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) Source: CCN Type: Microsoft Security Bulletin MS11-045 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) Source: CCN Type: Microsoft Security Bulletin MS11-072 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505) Source: CCN Type: OSVDB ID: 71760 Microsoft Office Excel File Handling Unspecified Memory Corruption Source: BID Type: UNKNOWN 47244 Source: CCN Type: BID-47244 Microsoft Excel CVE-2011-0103 Memory Corruption Vulnerability Source: SECTRACK Type: UNKNOWN 1025337 Source: CERT Type: US Government Resource TA11-102A Source: VUPEN Type: UNKNOWN ADV-2011-0940 Source: MS Type: UNKNOWN MS11-021 Source: XF Type: UNKNOWN excel-mem-corrupt-code-exec(65585) Source: CCN Type: iDefense Labs Public Advisory: 04.12.11 Microsoft Excel Memory Corruption Vulnerability Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:12616 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||