1. Home
  2. CVE Database
  3. CVE-2010-0261
HIGH · 9.3

CVE-2010-0261

Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arb...

Vulnerability Description

Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which "a MDXSET record is broken up into several records," aka "Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability."

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
MicrosoftExcel2002
MicrosoftOffice2004
MicrosoftOffice Compatibility Pack2007
MicrosoftOffice Excel ViewerAll versions
MicrosoftOffice Sharepoint Server2007
MicrosoftOpen Xml File Format ConverterAll versions

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2010-0261?

CVE-2010-0261 is a vulnerability with a CVSS score of 9.3 (HIGH). Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arb...

How severe is CVE-2010-0261?

CVE-2010-0261 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-0261?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Excel, Microsoft Office, Microsoft Office Compatibility Pack, Microsoft Office Excel Viewer, Microsoft Office Sharepoint Server.