CVE-2011-1277

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability."

Published: Jun 16, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-1277
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
microsoft / open_xml_file_format_converter	-	-
microsoft / office	2008	2008.x
microsoft / excel	2002-sp3	2002-sp3.x

http://www.securityfocus.com/bid/48162
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12291

Vulnerability Database

289,599

CVE-2011-1277