Signature Detail

HTTP: Microsoft Office Excel Binary Format Parsing Integer Overflow

This signature detects attempts to exploit a known vulnerability against Microsoft Excel. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Excel is prone to an integer-overflow vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

Affected Products

• Microsoft Excel 2000 SP2
• Microsoft Excel 2000 SP3
• Microsoft Excel 2000 SR1
• Microsoft Excel 2000
• Microsoft Excel 2000
• Microsoft Excel 2002 SP1
• Microsoft Excel 2002 SP2
• Microsoft Excel 2002 SP3
• Microsoft Excel 2002
• Microsoft Excel 2003 SP1
• Microsoft Excel 2003 SP2
• Microsoft Excel 2003 SP3
• Microsoft Excel 2003
• Microsoft Excel 2004 for Mac
• Microsoft Excel 2007 SP1
• Microsoft Excel 2007 SP2
• Microsoft Excel 2007
• Microsoft Excel 2008 for Mac
• Microsoft Excel Viewer SP3
• Microsoft Excel Viewer
• Microsoft Office Compatibility Pack 2007 SP1
• Microsoft Office Compatibility Pack 2007 SP2
• Microsoft Office Compatibility Pack 2007
• Microsoft Office Excel Viewer 2003 SP3
• Microsoft Office Excel Viewer 2003
• Microsoft Open XML File Format Converter for Mac
• Microsoft SharePoint Server 2007 SP1
• Microsoft SharePoint Server 2007 SP2
• Microsoft SharePoint Server 2007
• Microsoft SharePoint Server 2007 x64 SP1
• Microsoft SharePoint Server 2007 x64 SP2
• Microsoft SharePoint Server 2007 x64

References

• BugTraq: 35245
• CVE: CVE-2009-0561