exploitDog

CVE-2011-1990

Опубликовано: 15 сент. 2011

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an unspecified array index, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:excel_viewer:*:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*

cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*

EPSS

Процентиль: 98%

0.61102

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-f9f3-g4p4-q8f6

github

больше 3 лет назад

Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an unspecified array index, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."

EPSS

Процентиль: 98%

0.61102

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119