(MS12-030) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)

  Severity: HIGH
  CVE Identifier: CVE-2012-0141,CVE-2012-0142,CVE-2012-0143,CVE-2012-0184,CVE-2012-0185,CVE-2012-1847
  Advisory Date: MAY 09, 2012

  DESCRIPTION

Several vulnerabilities in some versions of MS Excel are resolved in this particular bulletin. To exploit this vulnerability, an attacker must persuade a user to open a specially crafted MS Excel file. When exploited, the attacker could gain the same user rights as the currently logged on user.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Office 2003 Service Pack 3
  • Microsoft Office 2007 Service Pack 2
  • Microsoft Office 2007 Service Pack 3
  • Microsoft Office 2010 (32-bit editions)
  • Microsoft Office 2010 Service Pack 1 (32-bit editions)
  • Microsoft Office 2010 (64-bit editions)
  • Microsoft Office 2010 Service Pack 1 (64-bit editions)
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011
  • Microsoft Excel Viewer
  • Microsoft Office Compatibility Pack Service Pack 2
  • Microsoft Office Compatibility Pack Service Pack 3