CVE-2014-6360

Microsoft Excel 2007 SP3/2010 SP2 RCE via Crafted Office Document

Title source: llm
STIX 2.1

Description

Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability."

References (1)

Core 1
Core References

Scores

EPSS 0.1335
EPSS Percentile 95.9%

Details

CWE
CWE-94
Status published
Products (3)
microsoft/excel 2007 sp3
microsoft/excel 2010 sp2 (2 CPE variants)
microsoft/office_compatibility_pack
Published Dec 11, 2014
Tracked Since Feb 18, 2026