CVE-2010-3237

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2002 SP3 Office 2004 for Mac

Description A remote code execution issue exists in the way Microsoft Excel handles specially crafted Excel files. This allows remote attackers to execute arbitrary code via a crafted Excel document. An attacker who successfully exploits this issue could take complete control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Excel 2002 SP3, update to a version that properly validates record information to prevent arbitrary code execution. For Office 2004 for Mac, update to a version that correctly handles specially crafted Excel files to mitigate the risk of remote code execution.