NuytsTech Security

CVE-2010-0260

by ·

Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which "a MDXTUPLE record is broken up into several records," aka "Microsoft Office Excel MDXTUPLE Record Heap Overflow Vulnerability."

Date published : 2010-03-10

http://www.us-cert.gov/cas/techalerts/TA10-068A.html

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=862

Tags: