CVE-2010-3236

{"id": "CVE-2010-3236", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-10-13T19:00:45.697", "references": [{"url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7209", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7209", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka \"Out Of Bounds Array Vulnerability.\""}, {"lang": "es", "value": "Microsoft Excel 2002 SP3 y 2003 SP3, Office 2004 y 2008 para Mac, y Open XML File Format Converter para Mac no valida adecuadamente informaci\u00f3n de registro, que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de documentos Excel manipulados, tambi\u00e9n conocido como \"Out Of Bounds Array Vulnerability\"."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"}, {"criteria": "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEBB33CD-CACF-4EB8-8B5F-8E1CB8D7A440"}, {"criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25"}, {"criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260"}, {"criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}