CVE-2012-0184

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 Office 2008 and 2011 for Mac Excel Viewer Office Compatibility Pack versions SP2 and SP3

Description A remote code execution issue exists in the way Microsoft Excel handles specially crafted Excel files. This allows an attacker to execute arbitrary code via a crafted spreadsheet. An attacker who successfully exploits this issue could take complete control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Excel 2003 SP3, update to a newer version to mitigate the risk. For Microsoft Excel 2007 SP2 and SP3, update to a newer version to mitigate the risk. For Microsoft Excel 2010 Gold and SP1, update to a newer version to mitigate the risk. For Office 2008 and 2011 for Mac, update to a newer version to mitigate the risk. For Excel Viewer, update to a newer version to mitigate the risk. For Office Compatibility Pack SP2 and SP3, update to a newer version to mitigate the risk. As a temporary workaround, consider avoiding the use of specially crafted Excel files until a patch is available.