Unrated severityNVD Advisory· Published Sep 15, 2011· Updated Apr 29, 2026

CVE-2011-1982

Description

Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Office Uninitialized Object Pointer Vulnerability."

Affected products

Microsoft/Office5 versions
cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2010:sp1:x32:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2010:sp1:x64:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2010:*:x32:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2010:*:x64:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/909022nvdUS Government Resource
www.us-cert.gov/cas/techalerts/TA11-256A.htmlnvdUS Government Resource
docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-073nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12243nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.049
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000