CVE-2010-0261

critical

Microsoft

CVSS v3 Base Score

9.3

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS Score

65.5%

Exploitation probability in 30 days

Top 1% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

Integrity

Availability

Published: March 10, 2010 (5909 days ago)

Last Modified: April 29, 2026

Vendor: Microsoft

Source: NVD

Description

Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which "a MDXSET record is broken up into several records," aka "Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability."

CWE

CWE-119

Affected Products

microsoft excelmicrosoft officemicrosoft office compatibility packmicrosoft office excel viewermicrosoft office sharepoint servermicrosoft open xml file format converter

References

🔗 labs.idefense.com 🔗 www.securitytracker.com 🔗 www.us-cert.gov 🔗 docs.microsoft.com 🔗 oval.cisecurity.org

CVE-2010-0261

Vulnerability Report

Description

CWE

Affected Products

References