CVE-2010-0263

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel 2007 versions SP1 and SP2 Office 2008 for Mac Open XML File Format Converter for Mac Office Excel Viewer versions SP1 and SP2 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions SP1 and SP2 Office SharePoint Server 2007 versions SP1 and SP2

Description The issue allows remote attackers to execute arbitrary code via a crafted document that triggers access to uninitialized memory locations. A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files, which could allow an attacker to take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office Excel 2007 versions SP1 and SP2, update to a version that includes the fix for this issue. For Office 2008 for Mac, update to a version that includes the fix for this issue. For Open XML File Format Converter for Mac, update to a version that includes the fix for this issue. For Office Excel Viewer versions SP1 and SP2, update to a version that includes the fix for this issue. For Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions SP1 and SP2, update to a version that includes the fix for this issue. For Office SharePoint Server 2007 versions SP1 and SP2, update to a version that includes the fix for this issue.