PT-2011-4433 · Microsoft · Office Excel+1

Published

2011-12-13

Updated

2018-10-12

CVE-2011-3403

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2003 SP3 Office 2004 for Mac

Description A remote code execution issue exists due to improper handling of objects in memory by Microsoft Excel when processing specially crafted Excel files. This allows an attacker to potentially execute arbitrary code and take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Excel 2003 SP3, update to a version that properly handles objects in memory to prevent exploitation. For Office 2004 for Mac, apply the necessary patch or update to ensure the secure handling of Excel files.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2011-3403

Affected Products

Office Excel

Office

PT-2011-4433 · Microsoft · Office Excel+1

CVE-2011-3403

Weakness Enumeration

Related Identifiers

Affected Products

References · 7