1. Home
  2. CVE Database
  3. CVE-2012-0142
HIGH · 9.3

CVE-2012-0142

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of file...

Vulnerability Description

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability."

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
MicrosoftExcel2003
MicrosoftExcel ViewerAll versions
MicrosoftOffice2008
MicrosoftOffice Compatibility PackAll versions

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2012-0142?

CVE-2012-0142 is a vulnerability with a CVSS score of 9.3 (HIGH). Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of file...

How severe is CVE-2012-0142?

CVE-2012-0142 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-0142?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Excel, Microsoft Excel Viewer, Microsoft Office, Microsoft Office Compatibility Pack.