Improper input validation in Microsoft Excel
CVE-2010-3242
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghos…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.572 (98.2th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Excel — versions 2002
- Microsoft Office — versions 2004, 2008
- Microsoft Open_xml_file_format_converter
- N/a — versions n/a
Weakness classification (CWE)
References
- oval:org.mitre.oval:def:6902 (x_refsource_OVAL, signature, vdb-entry)
- MS10-080 (x_refsource_MS, vendor-advisory)
- TA10-285A (US Government Resource, x_refsource_CERT, third-party-advisory)