CVE-2010-3231

Microsoft Excel <2002 SP3-2008 - RCE

Title source: llm
STIX 2.1

Description

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability."

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7475
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-285A.html

Scores

EPSS 0.2065
EPSS Percentile 97.2%

Details

CWE
CWE-20
Status published
Products (4)
microsoft/excel 2002 sp3
microsoft/office 2004
microsoft/office 2008
microsoft/open_xml_file_format_converter
Published Oct 13, 2010
Tracked Since Feb 18, 2026