CVE-2011-0980
Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability."
Microsoft Office Excel 2003 no parsea correctamente objetos Office Art, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con un puntero a función.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw occurs when parsing a document with a malformed Excel document. When parsing an office art object, the application will add the malformed object to a linked list. After this addition, the application will process each element in the linked list. When handling the object in question, the application will explicitly trust a function pointer off of this object. If an attacker can substitute an object of their choosing in place of this function pointer, code execution under the context of the application can be achieved.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-02-07 CVE Published
- 2011-02-10 CVE Reserved
- 2023-10-01 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft | X_refsource_misc | |
| http://secunia.com/advisories/39122 | Third Party Advisory | |
| http://secunia.com/advisories/43210 | Third Party Advisory | |
| http://www.securitytracker.com/id?1025337 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA11-102A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2011/0940 | Vdb Entry | |
| http://zerodayinitiative.com/advisories/ZDI-11-040 | X_refsource_misc | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12018 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021 | 2018-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Excel Search vendor "Microsoft" for product "Excel" | 2002 Search vendor "Microsoft" for product "Excel" and version "2002" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Excel Search vendor "Microsoft" for product "Excel" | 2003 Search vendor "Microsoft" for product "Excel" and version "2003" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Excel Search vendor "Microsoft" for product "Excel" | 2003 Search vendor "Microsoft" for product "Excel" and version "2003" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2004 Search vendor "Microsoft" for product "Office" and version "2004" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2008 Search vendor "Microsoft" for product "Office" and version "2008" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Open Xml File Format Converter Search vendor "Microsoft" for product "Open Xml File Format Converter" | * | mac |
Affected
| ||||||