Signature Detail

HTTP: Microsoft Office Excel FNGROUPNAME Record Memory Corruption

This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Office Excel. It is due to the way Microsoft Office Excel handles Excel files containing a malformed set of records, causing uninitialized memory to be accessed. Remote attackers can exploit this by enticing target users to open a malicious Excel file. In a successful attack, arbitrary code is injected and executed on the target machine; the target behavior is dependent on the intention of the malicious code. In an unsuccessful attack, the application can terminate as a result of memory corruption.

Extended Description

Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.

Affected Products

• Microsoft Excel 2003 SP3
• Microsoft Excel 2004 for Mac
• Microsoft Excel 2007 SP1
• Microsoft Excel 2007 SP2
• Microsoft Excel 2007

References

• BugTraq: 38553
• CVE: CVE-2010-0262