Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1982

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1982
Last Modified 04 Jun 2012 12:00:00
Published 15 Sep 2011 08:26:48
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1982

Summary

Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Office Uninitialized Object Pointer Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office 2007

  • Microsoft Office 2010


References

CERT - TA11-256A

CERT-VN - VU#909022

MS - MS11-073

Related Patches

MS11-073 Security Update for Microsoft Office 2010, 32-Bit Edition (KB2584066)

MS11-073 Security Update for Microsoft Office 2010, 64-Bit Edition (KB2584066)


Last Updated: 27 May 2016 10:56:52