Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:XLS-INV-DRAW |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Excel Invalid Drawing Object |
Release Date |
2010/11/08 |
Update Number |
1811 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Excel Invalid Drawing Object
This signature detects attempts to exploit a known vulnerability against Microsoft Office Excel. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing an unsuspecting victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
- Microsoft office_2003 SP1
- Microsoft office_2003 SP2
- Microsoft office_2003
- Microsoft office_2004_for_mac
- Microsoft office_2007 SP1
- Microsoft office_2007 SP2
- Microsoft office_2007
- Microsoft office_2008_for_mac
- Microsoft office_2010
- Microsoft office_2010_(32-bit_edition)
- Microsoft office_2010_(64-bit_edition)
- Microsoft office_2011_for_mac
- Microsoft office_xp SP1
- Microsoft office_xp SP2
- Microsoft office_xp SP3
- Microsoft office_xp
- Microsoft open_xml_file_format_converter_for_mac
References
- BugTraq: 44659
- CVE: CVE-2010-3335