(MS11-021) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279)
Gravité: : Élevé
CVE Identifier: CVE-2011-0097,CVE-2011-0098,CVE-2011-0101,CVE-2011-0103,CVE-2011-0104,CVE-2011-0105,CVE-2011-0978,CVE-2011-0979,CVE-2011-0980
Date du conseil: 19 mai 2011
Description
This security update resolves nine privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Information Exposure Rating:
For information on patches specific to the affected software, please proceed to the�Microsoft Web page.
Affected software and version:
- Microsoft Office Suites and Components
- Microsoft Office Suites and Components Microsoft Office XP Service Pack 3
- Microsoft Office Suites and Components Microsoft Office 2003 Service Pack 3
- Microsoft Office Suites and Components Microsoft Office 2007 Service Pack 2
- Microsoft Office Suites and Components Microsoft Office 2010 (32-bit editions)
- Microsoft Office Suites and Components Microsoft Office 2010 (64-bit editions)
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Open XML File Format Converter for Mac
- Microsoft Excel Viewer Service Pack 2
- Microsoft Office Compatibility Pack for Word
- Excel
- and PowerPoint 2007 File Formats Service Pack 2