CVE-2010-1251 — Code Injection in Microsoft Excel

CWE-94 — Code Injection2 documents2 sources

Severity

9.3CRITICALNVD

EPSS

57.3%

top 1.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Excel Microsoft Office

Timeline

PublishedJun 8

Latest updateMay 2

Description

Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDmicrosoft/excel2002

▶NVDmicrosoft/office2004

🔴Vulnerability Details

GHSA

GHSA-4wh3-fp8f-x8c9: Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted E↗2022-05-02

▶