cpe:/a:microsoft:excel:2003:sp3 cpe:/a:microsoft:excel:2007:sp2 cpe:/a:microsoft:excel:2010::x32 cpe:/a:microsoft:excel:2010::x64 cpe:/a:microsoft:excel:2010:sp1:x32 cpe:/a:microsoft:excel:2010:sp1:x64 cpe:/a:microsoft:excel_viewer::sp2 cpe:/a:microsoft:excel_web_app:2010 cpe:/a:microsoft:excel_web_app:2010:sp1 cpe:/a:microsoft:office:2004::mac cpe:/a:microsoft:office:2007:sp2 cpe:/a:microsoft:office:2008::mac cpe:/a:microsoft:office:2010::x32 cpe:/a:microsoft:office:2010::x64 cpe:/a:microsoft:office:2010:sp1:x32 cpe:/a:microsoft:office:2010:sp1:x64 cpe:/a:microsoft:office:2011::mac cpe:/a:microsoft:office_compatibility_pack:2007:sp2 cpe:/a:microsoft:open_xml_file_format_converter:::mac cpe:/a:microsoft:sharepoint_server:2007:sp2:x32 cpe:/a:microsoft:sharepoint_server:2007:sp2:x64 cpe:/a:microsoft:sharepoint_server:2010 cpe:/a:microsoft:sharepoint_server:2010:sp1 CVE-2011-1989 2011-09-15T08:26:48.947-04:00 2017-09-18T21:32:51.413-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2011-09-15T11:35:00.000-04:00 IAVM IAVM:2011-A-0124 MS MS11-072 CERT TA11-256A Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability."