CVE-2011-0977Microsoft Excel vulnerability

CWE-3994 documents4 sources
Severity
9.3CRITICALNVD
EPSS
62.6%
top 1.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Excel
Timeline
PublishedFeb 10
Latest updateMay 14

Description

Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/excel2007

🔴Vulnerability Details

2
GHSA
GHSA-pj4q-wcrw-wmgf: Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Conv2022-05-14
CVEList
CVE-2011-0977: Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Conv2011-02-10

🕵️Threat Intelligence

1
Zscaler
Zscaler found Multiple Security Vulnerabilities | 04-12-2011
CVE-2011-0977 — Microsoft Excel vulnerability | cvebase