{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-03-09T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which \"a MDXSET record is broken up into several records,\" aka \"Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "20100309 Microsoft Excel MDXSET Record Heap Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=861"}, {"name": "oval:org.mitre.oval:def:8479", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8479"}, {"name": "MS10-017", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017"}, {"name": "TA10-068A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-068A.html"}, {"name": "1023698", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023698"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2010-0261", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which \"a MDXSET record is broken up into several records,\" aka \"Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100309 Microsoft Excel MDXSET Record Heap Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=861"}, {"name": "oval:org.mitre.oval:def:8479", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8479"}, {"name": "MS10-017", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017"}, {"name": "TA10-068A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-068A.html"}, {"name": "1023698", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1023698"}]}}}}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2010-0261", "datePublished": "2010-03-10T22:00:00", "dateReserved": "2010-01-07T00:00:00", "dateUpdated": "2018-10-12T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*", "matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "CEBB33CD-CACF-4EB8-8B5F-8E1CB8D7A440", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "F703901F-AD7C-42E7-BBFA-529A8C510D83", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "273729C3-56BF-454A-8697-473094EA828F", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*", "matchCriteriaId": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", "matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*", "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "A4B44889-AEEB-4713-A047-C27B802DB257", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "E8A9B86A-21B8-4E2F-9DB8-1D1DFE718A0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "69286E7D-BA6E-479F-A9B3-2B9F54663847", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x32:*:*:*:*:*", "matchCriteriaId": "E013CE59-0ABF-4542-A9E9-D295AA0FC2A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x64:*:*:*:*:*", "matchCriteriaId": "C0AEECDD-BBD0-4042-8A47-D66670A6DC6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x32:*:*:*:*:*", "matchCriteriaId": "91A3E58F-E2FE-4346-9083-58C963171A73", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6BE07062-6299-4371-BD74-BA7F7840DBA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*", "matchCriteriaId": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which \"a MDXSET record is broken up into several records,\" aka \"Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability.\""}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en Microsoft Office Excel v2007 SP1 y SP2 y Office Compatibility Pack para Word, Excel, y para formatos de ficheros PowerPoint v2007 SP1 y SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una hoja de c\u00e1lculo manipulada, tambi\u00e9n conocida como \"Vulnerabilidad de desbordamiento de pila de Microsoft Office Excel MDXSET record\"\r\n"}], "id": "CVE-2010-0261", "lastModified": "2018-10-12T21:56:43.197", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-03-10T22:30:01.137", "references": [{"source": "secure@microsoft.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=861"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1023698"}, {"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-068A.html"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8479"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}