CVE-2017-0194

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2007 SP3 through 2010 SP2 Office Compatibility Pack version SP2

Description The issue allows remote attackers to obtain sensitive information from process memory via a crafted Office document. This is related to improper disclosure of the contents of Microsoft Office memory, which could be used to compromise the user's computer or data.

Recommendations For Microsoft Excel 2007 SP3, update to a version that fixes the information disclosure issue. For Microsoft Excel 2010 SP2, update to a version that fixes the information disclosure issue. For Office Compatibility Pack SP2, update to a version that fixes the information disclosure issue.