PRIOn knowledge basePRION:CVE-2012-0142

HistoryMay 09, 2012 - 12:55 a.m.

Memory corruption

2012-05-0900:55:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.933 High

EPSS

Percentile

99.0%

JSON

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka “Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability.”

CPENameOperatorVersion
exceleq2007 sp2
exceleq2010
exceleq2003 sp3
exceleq2010 sp1
exceleq2007 sp3
officeeq2008 mac

Name	Operator	Version
excel	eq	2007 sp2
excel	eq	2010
excel	eq	2003 sp3
excel	eq	2010 sp1
excel	eq	2007 sp3
office	eq	2008 mac

References

secunia.com/advisories/49112

www.securityfocus.com/bid/53373

www.securitytracker.com/id?1027041

www.us-cert.gov/cas/techalerts/TA12-129A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15543

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.933 High

EPSS

Percentile

99.0%

JSON

Related for PRION:CVE-2012-0142