ID CVE-2011-1983
Summary Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability."
References
Vulnerable Configurations
  • Microsoft Office 2007 Service Pack 2
    cpe:2.3:a:microsoft:office:2007:sp2
  • Microsoft Office 2007 Service Pack 3
    cpe:2.3:a:microsoft:office:2007:sp3
  • cpe:2.3:a:microsoft:office:2010:-:x32
    cpe:2.3:a:microsoft:office:2010:-:x32
  • cpe:2.3:a:microsoft:office:2010:-:x64
    cpe:2.3:a:microsoft:office:2010:-:x64
  • cpe:2.3:a:microsoft:office:2010:sp1:x32
    cpe:2.3:a:microsoft:office:2010:sp1:x32
  • Microsoft Office 2010 Service Pack 1 for 64 bit systems (x64)
    cpe:2.3:a:microsoft:office:2010:sp1:x64
  • Microsoft Office 2011 Mac
    cpe:2.3:a:microsoft:office:2011:-:mac
CVSS
Base: 9.3 (as of 14-12-2011 - 12:27)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
msbulletin via4
bulletin_id MS11-089
bulletin_url
date 2011-12-13T00:00:00
impact Remote Code Execution
knowledgebase_id 2590602
knowledgebase_url
severity Important
title Vulnerability in Microsoft Office Could Allow Remote Code Execution
nessus via4
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS11-089.NASL
    description The version of Microsoft Office installed on the remote host has a use-after-free vulnerability. A remote attacker could exploit this by tricking a user into opening a specially crafted Word file, resulting in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 57275
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57275
    title MS11-089: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_MS_OFFICE_DEC2011.NASL
    description The remote Mac OS X host is running a version of Microsoft Office that is affected by the following vulnerabilities : - A use-after-free vulnerability could be triggered when reading a specially crafted Word file. (CVE-2011-1983) - A memory corruption vulnerability could be triggered when reading a specially crafted Excel file. (CVE-2011-3403) - A memory corruption vulnerability could be triggered when reading an invalid record in a specially crafted PowerPoint file. (CVE-2011-3413) If a remote attacker can trick a user into opening a malicious file using the affected install, these vulnerabilities could be leveraged to execute arbitrary code subject to the user's privileges.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 57286
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57286
    title MS11-089 / MS11-094 / MS11-096 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2590602 / 2639142 / 2640241) (Mac OS X)
oval via4
  • accepted 2012-03-05T04:00:07.990-05:00
    class vulnerability
    contributors
    • name Josh Turpin
      organization Symantec Corporation
    • name Josh Turpin
      organization Symantec Corporation
    definition_extensions
    • comment Microsoft Windows XP (x86) SP3 is installed
      oval oval:org.mitre.oval:def:5631
    • comment Microsoft Windows XP x64 Edition SP2 is installed
      oval oval:org.mitre.oval:def:4193
    • comment Microsoft Windows Server 2003 SP2 (x64) is installed
      oval oval:org.mitre.oval:def:2161
    • comment Microsoft Windows Server 2003 SP2 (x86) is installed
      oval oval:org.mitre.oval:def:1935
    • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
      oval oval:org.mitre.oval:def:1442
    • comment Microsoft Windows Vista (32-bit) Service Pack 2 is installed
      oval oval:org.mitre.oval:def:6124
    • comment Microsoft Windows Vista x64 Edition Service Pack 2 is installed
      oval oval:org.mitre.oval:def:5594
    • comment Microsoft Windows Server 2008 (32-bit) Service Pack 2 is installed
      oval oval:org.mitre.oval:def:5653
    • comment Microsoft Windows Server 2008 x64 Edition Service Pack 2 is installed
      oval oval:org.mitre.oval:def:6216
    • comment Microsoft Windows Server 2008 Itanium-Based Edition Service Pack 2 is installed
      oval oval:org.mitre.oval:def:6150
    • comment Microsoft Windows 7 (32-bit) is installed
      oval oval:org.mitre.oval:def:6165
    • comment Microsoft Windows 7 x64 Edition is installed
      oval oval:org.mitre.oval:def:5950
    • comment Microsoft Windows Server 2008 R2 x64 Edition is installed
      oval oval:org.mitre.oval:def:6438
    • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
      oval oval:org.mitre.oval:def:5954
    • comment Microsoft Windows 7 (32-bit) Service Pack 1 is installed
      oval oval:org.mitre.oval:def:12292
    • comment Microsoft Windows 7 x64 Service Pack 1 is installed
      oval oval:org.mitre.oval:def:12627
    • comment Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
      oval oval:org.mitre.oval:def:12567
    • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
      oval oval:org.mitre.oval:def:12583
    description Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce application in a Microsoft Office document, related to .application files, aka "Assembly Execution Vulnerability."
    family windows
    id oval:org.mitre.oval:def:14197
    status accepted
    submitted 2012-01-10T13:00:00
    title Assembly Execution Vulnerability
    version 70
  • accepted 2014-05-26T04:00:07.467-04:00
    class vulnerability
    contributors
    • name Josh Turpin
      organization Symantec Corporation
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    • comment Microsoft Office 2007 SP2 is installed
      oval oval:org.mitre.oval:def:15607
    • comment Microsoft Office 2007 SP3 is installed
      oval oval:org.mitre.oval:def:15704
    • comment Microsoft Office 2010 is installed
      oval oval:org.mitre.oval:def:12061
    description Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability."
    family windows
    id oval:org.mitre.oval:def:14558
    status accepted
    submitted 2011-12-13T13:00:00
    title TrueType Font Parsing Vulnerability
    version 21
refmap via4
cert TA11-347A
ms MS11-089
sectrack 1026409
Last major update 29-01-2013 - 23:39
Published 13-12-2011 - 19:55
Last modified 12-10-2018 - 18:01
Back to Top