Signature Detail

HTTP: Microsoft Excel FRTWrapper Record Buffer Overflow

This signature detects attempts to exploit a known buffer overflow vulnerability in Microsoft Excel product. It is specifically due to improper parsing of Excel documents containing specially crafted FRTWrapper records. Remote attackers can exploit this by enticing target users to open a crafted Excel file, potentially causing arbitrary code to be injected and executed in the security context of the current user. In a successful attack, where arbitrary code is injected and executed on the target machine, the behavior of the target is dependent on the intention of the malicious code. In an unsuccessful attack, the vulnerable application can terminate as a result of invalid memory access. If unexpected termination of the application is the sole result of an attack, there is no impact to the overall operation of the target host. It is, however, possible to lose all unsaved data due to the abnormal termination.

Extended Description

Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

Affected Products

• Microsoft excel_2000 SP2
• Microsoft excel_2000 SP3
• Microsoft excel_2000 SR1
• Microsoft excel_2000
• Microsoft excel_2002 SP1
• Microsoft excel_2002 SP2
• Microsoft excel_2002 SP3
• Microsoft excel_2002
• Microsoft excel_2003 SP1
• Microsoft excel_2003 SP2
• Microsoft excel_2003 SP3
• Microsoft excel_2003
• Microsoft excel_2007 SP1
• Microsoft excel_2007
• Microsoft excel_viewer
• Microsoft office_2004_for_mac
• Microsoft office_2008_for_mac
• Microsoft office_compatibility_pack_2007 SP1
• Microsoft office_compatibility_pack_2007
• Microsoft office_excel_viewer_2003 SP3
• Microsoft office_excel_viewer_2003
• Microsoft open_xml_file_format_converter_for_mac

References

• BugTraq: 31705
• CVE: CVE-2008-3471