(MS11-023) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293)
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2011-0977,CVE-2011-0107
Date du conseil: 17 juin 2011
Description
This security update addresses two vulnerabilities in Microsoft Office, which could allow remote code execution. A remote malicious user could gain the same user rights as the logged on user if a user opens a specially crafted Office file. In addition, when a user opens a legitimate Office file located in the same network directory as a specially crafted library file, it could also allow remote code execution.
Information Exposure Rating:
For information on patches specific to the affected software, please proceed to the Microsoft Web page.
Affected software and version:
- Microsoft Office XP Service Pack 3
- Microsoft Office 2003 Service Pack 3
- Microsoft Office 2007 Service Pack 2
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Open XML File Format Converter for Mac