CVE-2011-1278

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions prior to the fixed version Office 2004 for Mac

Description A remote code execution issue exists due to improper validation of record information during the parsing of Excel spreadsheets, allowing attackers to execute arbitrary code or cause a denial of service via a crafted spreadsheet. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Excel, update to a version that includes the fix for this issue. For Office 2004 for Mac, consider applying any available patches or updates that address this issue. As a temporary workaround, consider restricting the opening of Excel files from untrusted sources until a patch is available.