Signature Detail

HTTP: Microsoft Office Excel RTD Buffer Overflow

This signature detects attempts to exploit a known buffer overflow vulnerability in Microsoft Office Excel. It is due to a flaw while parsing specially crafted RealTimeData (RTD) records within Excel files. In a successful attack, where arbitrary code is injected and executed on the target machine, the behavior of the target is dependent on the intention of the malicious code. In an unsuccessful attack, the vulnerable application can terminate.

Extended Description

Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.

Affected Products

• Avaya Meeting Exchange - Client Registration Server
• Avaya Meeting Exchange - Recording Server
• Avaya Meeting Exchange - Streaming Server
• Avaya Meeting Exchange - Web Conferencing Server
• Avaya Meeting Exchange - Webportal
• Avaya Messaging Application Server 4
• Avaya Messaging Application Server 5
• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• Microsoft Excel 2002 SP1
• Microsoft Excel 2002 SP2
• Microsoft Excel 2002 SP3
• Microsoft Excel 2002

References

• BugTraq: 40524
• CVE: CVE-2010-1246