NVD

Id
11831  
Name
CVE-2010-0263  
Description
Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers during decompression of Open XML (.XLSX) documents, which allows remote attackers to execute arbitrary code via a crafted document that triggers access to uninitialized memory locations, aka "Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-03-10  
Modified Date
2010-08-21  
Seq
2010-0263  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
65175 11831 CVE-2010-0263 oval:org.mitre.oval:def:8407  View
65176 11831 CVE-2010-0263 MS10-017  View
65177 11831 CVE-2010-0263 20100309 ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability  View
65178 11831 CVE-2010-0263 1023698  View
65179 11831 CVE-2010-0263 TA10-068A  View
65180 11831 CVE-2010-0263 http://www.zerodayinitiative.com/advisories/ZDI-10-025/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35390 JVNDB-2010-001170 複数の Microsoft 製品における任意のコードを実行される脆弱性 複数の Microsoft 製品には、Open XML (.XLSX) ドキュメントの解凍処理において ZIP ヘッダを適切に処理しないため、任意のコードを実行される脆弱性が存在します。 CVE-2010-0263 42843 CVE-2010-0263 11831 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001170.html 2010-03-09 2010-03-19 View