CVE-2011-0105
EXPLOITEDMS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
Title source: metasploitDescription
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability."
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/18087
metasploit
WORKING POC
NORMAL
by Aniway, Unknown, sinn3r, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms11_021_xlb_bof.rb
References (6)
Scores
EPSS
0.8942
EPSS Percentile
99.6%
Details
VulnCheck KEV
2023-07-19
CWE
CWE-119
Status
published
Products (4)
microsoft/excel
2002 sp3
microsoft/office
2004
microsoft/office
2008
microsoft/open_xml_file_format_converter
Published
Apr 13, 2011
Tracked Since
Feb 18, 2026