VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 10, 2010· Updated Apr 29, 2026

CVE-2010-0263

CVE-2010-0263

Description

Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers during decompression of Open XML (.XLSX) documents, which allows remote attackers to execute arbitrary code via a crafted document that triggers access to uninitialized memory locations, aka "Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability."

Affected products

15
  • Microsoft/Excel4 versions
    cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*
  • Microsoft/Office2 versions
    cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
  • Microsoft/Office Compatibility Pack2 versions
    cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
  • Microsoft/Office Excel Viewer2 versions
    cpe:2.3:a:microsoft:office_excel_viewer:*:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office_excel_viewer:*:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_excel_viewer:*:sp2:*:*:*:*:*:*
  • Microsoft/Office Sharepoint Server4 versions
    cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x32:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x32:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp1:x64:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x32:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x64:*:*:*:*:*
  • Microsoft/Open Xml File Format Converter
    cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.