mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
105 lines
3.4 KiB
JSON
105 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2010-3231",
|
|
"sourceIdentifier": "secure@microsoft.com",
|
|
"published": "2010-10-13T19:00:45.493",
|
|
"lastModified": "2018-10-12T21:58:22.033",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka \"Excel Record Parsing Memory Corruption Vulnerability.\""
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Microsoft Excel 2002 SP3, Office 2004 y 2008 para Mac, y Open XML File Format Converter para Mac no valida correctamente la informaci\u00f3n de registro, lo cual permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de documentos Excel manipulados, tambi\u00e9n conocido como \"Excel Record Parsing Memory Corruption Vulnerability\"."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*",
|
|
"matchCriteriaId": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
|
|
"matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*",
|
|
"matchCriteriaId": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.us-cert.gov/cas/techalerts/TA10-285A.html",
|
|
"source": "secure@microsoft.com",
|
|
"tags": [
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080",
|
|
"source": "secure@microsoft.com"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7475",
|
|
"source": "secure@microsoft.com"
|
|
}
|
|
]
|
|
} |