[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-0977Date: (C)2011-02-10   (M)2024-03-01


Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1025343
SECUNIA-43216
SECUNIA-44015
ADV-2011-0942
MS11-023
TA11-102A
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft
http://zerodayinitiative.com/advisories/ZDI-11-043/
oval:org.mitre.oval:def:12339

CPE    1
cpe:/a:microsoft:excel:2007
CWE    1
CWE-399
OVAL    3
oval:org.secpod.oval:def:3300
oval:org.secpod.oval:def:208
oval:org.secpod.oval:def:662

© SecPod Technologies