Improper input validation in Microsoft Excel
CVE-2010-3236
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel docume…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.563 (98.2th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Excel — versions 2003, 2002
- Microsoft Office — versions 2004, 2008
- Microsoft Open_xml_file_format_converter
- N/a — versions n/a
Weakness classification (CWE)
References
- oval:org.mitre.oval:def:7209 (x_refsource_OVAL, signature, vdb-entry)
- MS10-080 (x_refsource_MS, vendor-advisory)
- TA10-285A (US Government Resource, x_refsource_CERT, third-party-advisory)