Home

CVE-2011-1986

Description

Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka Excel Use after Free WriteAV Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
62.366

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office Excel 2003 (KB2553072)Windows
Security Update for Microsoft Office Excel 2007 (KB2553073)Windows
Security Update for Microsoft Excel 2010 (KB2553070), 32-Bit EditionWindows
Security Update for Microsoft Excel 2010 (KB2553070), 64-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB2553091), 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB2553096), 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB2553091), 64-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB2553096), 64-Bit EditionWindows
Security Update for Microsoft Office Excel Viewer (KB2553075)Windows
Security Update for the 2007 Microsoft Office System (KB2553074)Windows
Security Update for Microsoft Office 2007 System (KB2553089)Windows
Security Update for Microsoft Office 2007 System (KB2553090)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-10917Security Update for Microsoft Office Excel 2007 (KB2553073)
PATCH-10920Security Update for Microsoft Office 2010 (KB2553091), 32-Bit Edition
PATCH-10921Security Update for Microsoft Office 2010 (KB2553096), 32-Bit Edition
PATCH-10922Security Update for Microsoft Office 2010 (KB2553091), 64-Bit Edition
PATCH-10924Security Update for Microsoft Office Excel Viewer (KB2553075)
PATCH-10925Security Update for the 2007 Microsoft Office System (KB2553074)
PATCH-10926Security Update for Microsoft Office 2007 System (KB2553089)
PATCH-10927Security Update for Microsoft Office 2007 System (KB2553090)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234