Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS12-030.

Impact

Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running the affected application. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS12-030

Insight

The flaws are due to errors while handling OBJECTLINK record, SXLI record, MergeCells record and an mismatch error when handling the Series record within Excel files.

Affected

Microsoft Office 2008 for Mac Microsoft Office 2011 for Mac

References

http://forums.cnet.com/7726-6132_102-5308979.html
http://secunia.com/advisories/49112/
http://technet.microsoft.com/en-us/security/bulletin/MS12-030

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0141, CVE-2012-0142, CVE-2012-0143, CVE-2012-0184, CVE-2012-1847
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
Apple Mac OS X 'i386_set_ldt()' Privilege Escalation Vulnerability
Microsoft Silverlight Security Bypass Vulnerability (2932677) (Mac OS X)
Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)
Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)

Take action and discover your vulnerabilities