Format string

2010-03-1022:30:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.933 High

EPSS

Percentile

99.0%

JSON

Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers access of an uninitialized stack variable, aka “Microsoft Office Excel FNGROUPNAME Record Uninitialized Memory Vulnerability.”

CPENameOperatorVersion
exceleq2007 sp2
exceleq2007 sp1
exceleq2002 sp3
exceleq2003 sp3
officeeq2008 mac
officeeq2004 mac
office_compatibility_packeq2007 sp2
office_compatibility_packeq2007 sp1
office_sharepoint_servereq2007 sp1-x64
office_sharepoint_servereq2007 sp2-x32

Name	Operator	Version
excel	eq	2007 sp2
excel	eq	2007 sp1
excel	eq	2002 sp3
excel	eq	2003 sp3
office	eq	2008 mac
office	eq	2004 mac
office_compatibility_pack	eq	2007 sp2
office_compatibility_pack	eq	2007 sp1
office_sharepoint_server	eq	2007 sp1-x64
office_sharepoint_server	eq	2007 sp2-x32