ByteOS Network

Vulnerability Details :

CVE-2010-0263

Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8

Published At-10 Mar, 2010 | 22:00

Updated At-07 Aug, 2024 | 00:45

Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers during decompression of Open XML (.XLSX) documents, which allows remote attackers to execute arbitrary code via a crafted document that triggers access to uninitialized memory locations, aka "Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability."

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:microsoft

Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8

Published At:10 Mar, 2010 | 22:00

Updated At:07 Aug, 2024 | 00:45

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8407	vdb-entry signature x_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017	vendor-advisory x_refsource_MS
http://www.us-cert.gov/cas/techalerts/TA10-068A.html	third-party-advisory x_refsource_CERT
http://www.securityfocus.com/archive/1/509979/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://www.zerodayinitiative.com/advisories/ZDI-10-025/	x_refsource_MISC
http://www.securitytracker.com/id?1023698	vdb-entry x_refsource_SECTRACK

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8407

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017

Resource:

vendor-advisory

x_refsource_MS

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-068A.html

Resource:

third-party-advisory

x_refsource_CERT

Hyperlink: http://www.securityfocus.com/archive/1/509979/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://www.zerodayinitiative.com/advisories/ZDI-10-025/

Resource:

x_refsource_MISC

Hyperlink: http://www.securitytracker.com/id?1023698

Resource:

vdb-entry

x_refsource_SECTRACK

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8407	vdb-entry signature x_refsource_OVAL x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017	vendor-advisory x_refsource_MS x_transferred
http://www.us-cert.gov/cas/techalerts/TA10-068A.html	third-party-advisory x_refsource_CERT x_transferred
http://www.securityfocus.com/archive/1/509979/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://www.zerodayinitiative.com/advisories/ZDI-10-025/	x_refsource_MISC x_transferred
http://www.securitytracker.com/id?1023698	vdb-entry x_refsource_SECTRACK x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8407

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017

Resource:

vendor-advisory

x_refsource_MS

x_transferred

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-068A.html

Resource:

third-party-advisory

x_refsource_CERT

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/509979/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://www.zerodayinitiative.com/advisories/ZDI-10-025/

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://www.securitytracker.com/id?1023698

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secure@microsoft.com

Published At:10 Mar, 2010 | 22:30

Updated At:11 Apr, 2025 | 00:51

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 9.3

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:C/I:C/A:C

Hyperlink	Source	Resource
http://www.securityfocus.com/archive/1/509979/100/0/threaded	secure@microsoft.com	N/A
http://www.securitytracker.com/id?1023698	secure@microsoft.com	N/A
http://www.us-cert.gov/cas/techalerts/TA10-068A.html	secure@microsoft.com	US Government Resource
http://www.zerodayinitiative.com/advisories/ZDI-10-025/	secure@microsoft.com	N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017	secure@microsoft.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8407	secure@microsoft.com	N/A
http://www.securityfocus.com/archive/1/509979/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securitytracker.com/id?1023698	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.us-cert.gov/cas/techalerts/TA10-068A.html	af854a3a-2127-422b-91ae-364da2661108	US Government Resource
http://www.zerodayinitiative.com/advisories/ZDI-10-025/	af854a3a-2127-422b-91ae-364da2661108	N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-017	af854a3a-2127-422b-91ae-364da2661108	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8407	af854a3a-2127-422b-91ae-364da2661108	N/A

CVE-2010-0263

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs