Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:XLS-SCENARIO |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Excel Malformed Scenario Record Remote Code Execution |
Release Date |
2011/06/13 |
Update Number |
1937 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Excel Malformed Scenario Record Remote Code Execution
This signature detects attempts to exploit a known issue with Microsoft Excel. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in a denial-of-service condition.
Affected Products
- Microsoft excel_2002 SP1
- Microsoft excel_2002 SP2
- Microsoft excel_2002 SP3
- Microsoft excel_2002
- Microsoft office_2004_for_mac
- Microsoft office_2008_for_mac
- Microsoft office_2011_for_mac
- Microsoft open_xml_file_format_converter_for_mac
References
- BugTraq: 48160
- CVE: CVE-2011-1275