CVE-2010-3240

Name: CVE-2010-3240
Creator: NVD / NIST
Published: 2010-10-13T19:00:46.04+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 21.41%

Last modified Jun 16, 2026

CVE-2010-3240 is a vulnerability of currently unknown severity. Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability.". EPSS estimates a 21.41% chance of exploitation in the next 30 days.

Description

Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability."

Metrics

EPSS Probability

21.41%

97.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions	Update
Microsoft	Excel	2002	Sp3
Microsoft	Excel	2007	Sp2
Microsoft	Excel Viewer	All versions	Sp2
Microsoft	Office Compatibility Pack	2007	Sp2

References

Timeline

Published: Oct 13, 2010
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2010-3240?

How severe is CVE-2010-3240?

Severity scoring for CVE-2010-3240 is pending analysis. The EPSS model estimates a 21.41% probability of exploitation in the next 30 days.

How do I fix CVE-2010-3240?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-3240?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST