Vulnerabilities > Microsoft > Excel > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-04-13 | CVE-2011-0103 | Buffer Errors vulnerability in Microsoft Excel, Office and Open XML File Format Converter Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability." | 9.3 |
| 2011-04-13 | CVE-2011-0104 | Buffer Errors vulnerability in Microsoft Excel, Office and Open XML File Format Converter Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer Overwrite Vulnerability." | 9.3 |
| 2011-04-13 | CVE-2011-0105 | Buffer Errors vulnerability in Microsoft Excel, Office and Open XML File Format Converter Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability." | 9.3 |
| 2011-02-10 | CVE-2011-0977 | Resource Management Errors vulnerability in Microsoft Excel 2007 Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability." | 9.3 |
| 2011-02-10 | CVE-2011-0978 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." | 9.3 |
| 2011-02-10 | CVE-2011-0979 | Improper Input Validation vulnerability in Microsoft products Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." | 9.3 |
| 2011-02-10 | CVE-2011-0980 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Excel, Office and Open XML File Format Converter Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability." | 9.3 |
| 2010-10-13 | CVE-2010-3230 | Numeric Errors vulnerability in Microsoft Excel 2002 Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability." | 9.3 |
| 2010-10-13 | CVE-2010-3231 | Improper Input Validation vulnerability in Microsoft Excel, Office and Open XML File Format Converter Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability." | 9.3 |
| 2010-10-13 | CVE-2010-3232 | Improper Input Validation vulnerability in Microsoft products Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability." | 9.3 |