CVE-2011-1989 : Detail

Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability."

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

Microsoft>>Excel >> Version 2003

• Microsoft>>Excel >> Version 2003 (Open CPE detail)

Microsoft>>Excel >> Version 2007

• Microsoft>>Excel >> Version 2007 (Open CPE detail)

Microsoft>>Excel >> Version 2010

Microsoft>>Excel >> Version 2010

Microsoft>>Excel >> Version 2010

Microsoft>>Excel >> Version 2010

Microsoft>>Excel_viewer >> Version *

• Microsoft>>Excel_viewer >> Version - (Open CPE detail)

Microsoft>>Excel_web_app >> Version 2010

• Microsoft>>Excel_web_app >> Version 2010 (Open CPE detail)

Microsoft>>Excel_web_app >> Version 2010

Microsoft>>Office >> Version 2004

• Microsoft>>Office >> Version 2004 (Open CPE detail)

Microsoft>>Office >> Version 2007

• Microsoft>>Office >> Version 2007 (Open CPE detail)
• Microsoft>>Office >> Version 2007 (Open CPE detail)

Microsoft>>Office >> Version 2008

• Microsoft>>Office >> Version 2008 (Open CPE detail)

Microsoft>>Office >> Version 2010

Microsoft>>Office >> Version 2010

• Microsoft>>Office >> Version 2010 (Open CPE detail)
• Microsoft>>Office >> Version 2010 (Open CPE detail)

Microsoft>>Office >> Version 2010

Microsoft>>Office >> Version 2010

• Microsoft>>Office >> Version 2010 (Open CPE detail)

Microsoft>>Office >> Version 2011

• Microsoft>>Office >> Version 2011 (Open CPE detail)

Microsoft>>Office_compatibility_pack >> Version 2007

• Microsoft>>Office_compatibility_pack >> Version 2007 (Open CPE detail)

Microsoft>>Open_xml_file_format_converter >> Version *

• Microsoft>>Open_xml_file_format_converter >> Version - (Open CPE detail)

Microsoft>>Sharepoint_server >> Version 2007

Microsoft>>Sharepoint_server >> Version 2007

Microsoft>>Sharepoint_server >> Version 2010

• Microsoft>>Sharepoint_server >> Version 2010 (Open CPE detail)
• Microsoft>>Sharepoint_server >> Version 2010 (Open CPE detail)
• Microsoft>>Sharepoint_server >> Version 2010 (Open CPE detail)
• Microsoft>>Sharepoint_server >> Version 2010 (Open CPE detail)

Microsoft>>Sharepoint_server >> Version 2010

• Microsoft>>Sharepoint_server >> Version 2010 (Open CPE detail)

References