Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 15/09/2011 Updated: 12/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote malicious users to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office 2010
microsoft open xml file format converter
microsoft excel viewer
microsoft office compatibility pack 2007
microsoft excel 2010
microsoft office 2008
microsoft office 2011
microsoft excel web app 2010
microsoft excel 2003
microsoft excel 2007
microsoft sharepoint server 2007
microsoft office 2007
microsoft office 2004
microsoft sharepoint server 2010

CWE-20 http://www.us-cert.gov/cas/techalerts/TA11-256A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12974 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-072 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1989

Vulnerability Summary

References

Vulmon Search

About

Products

Connect