CVE-2012-0143
Description
Microsoft Excel 2003 SP3 and Office 2008 for Mac do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Memory Corruption Using Various Modified Bytes Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Microsoft Excel 2003 SP3 and Office 2008 for Mac have a memory corruption vulnerability that allows remote code execution via a crafted spreadsheet.
Vulnerability
Microsoft Excel 2003 SP3 and Office 2008 for Mac improperly handle memory when opening files, leading to memory corruption. This vulnerability, dubbed "Excel Memory Corruption Using Various Modified Bytes Vulnerability," is triggered by a specially crafted spreadsheet. Affected versions include Excel 2003 SP3 and Office 2008 for Mac [1].
Exploitation
An attacker can exploit this vulnerability by convincing a user to open a malicious spreadsheet file. No authentication is required, and the attack is remote. The user must open the file, which can be delivered via email or web download.
Impact
Successful exploitation allows remote code execution with the same privileges as the logged-on user. If the user has administrative rights, the attacker can gain full control of the system. This compromises confidentiality, integrity, and availability [1].
Mitigation
Microsoft released security update MS12-030 in May 2012 to address this vulnerability. Users should apply the update via Windows Update or manual download [1]. US-CERT also recommends applying updates [2].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: SP3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.us-cert.gov/cas/techalerts/TA12-129A.htmlnvdUS Government Resource
- secunia.com/advisories/49112nvd
- www.securityfocus.com/bid/53374nvd
- www.securitytracker.com/idnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15064nvd
News mentions
0No linked articles in our index yet.