exploitDog

CVE-2010-3242

Опубликовано: 13 окт. 2010

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*

cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*

cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*

EPSS

Процентиль: 98%

0.572

Средний

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-f9pr-r235-w4j8

github

больше 3 лет назад

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability."

EPSS

Процентиль: 98%

0.572

Средний

9.3 Critical

CVSS2

Дефекты

CWE-20