CVE-2011-1277: Buffer Overflow
First published: Thu Jun 16 2011(Updated: )
Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Open XML File Format Converter | ||
| Microsoft Office | =2008 | |
| Microsoft Office Excel | =2002-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-1277?
CVE-2011-1277 has a critical severity level due to its potential for remote code execution.
How do I fix CVE-2011-1277?
To fix CVE-2011-1277, users should apply the Microsoft Security Update MS11-045.
What software is affected by CVE-2011-1277?
CVE-2011-1277 affects Microsoft Excel 2002 SP3, Office 2008 for Mac, and the Open XML File Format Converter for Mac.
Can CVE-2011-1277 cause data loss?
Yes, CVE-2011-1277 can lead to memory corruption, which may result in data loss.
Who is impacted by CVE-2011-1277?
Users of the affected versions of Microsoft Excel and Office for Mac are impacted by CVE-2011-1277.
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft open xml file format converter
- canonical/microsoft office
- version/microsoft office/2008
- canonical/microsoft office excel
- version/microsoft office excel/2002-sp3