PT-2010-2061 · Microsoft · Office 2004+3

Published

2010-03-10

Updated

2018-10-12

CVE-2010-0264

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel versions prior to the fixed version

Description A remote code execution issue exists in the way Microsoft Office Excel handles specially crafted Excel files. This allows an attacker to potentially take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office Excel 2002 SP3, update to a version that includes the fix for this issue. For Office 2004 and 2008 for Mac, update to a version that includes the fix for this issue. For Open XML File Format Converter for Mac, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of specially crafted Excel files until a patch is available.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2010-0264

Affected Products

Office Excel

Office 2004

Office 2008

Open Xml File Format Converter For Mac

PT-2010-2061 · Microsoft · Office 2004+3

CVE-2010-0264

Weakness Enumeration

Related Identifiers

Affected Products

References · 8