Signature Detail
Short Name |
HTTP:STC:DL:XLS-MDXTUPLE-BIFF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Office Excel MDXTUPLE Record Heap Buffer Overflow |
Release Date |
2010/10/18 |
Update Number |
1794 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Office Excel MDXTUPLE Record Heap Buffer Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in Microsoft Office Excel. It is due to a flaw while parsing MDXTUPLE BIFF records. Remote attackers can exploit this by enticing target users to open a malicious Excel file, potentially causing arbitrary code to be injected and executed in the security context of the currently logged on user. In an successful attack, the behavior of the target is dependent on the logic of the malicious code. In an unsuccessful attack, the vulnerable application can terminate abnormally.
Extended Description
Microsoft Excel is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.
Affected Products
- Microsoft Excel 2007 SP1
- Microsoft Excel 2007 SP2
- Microsoft Excel 2007
- Microsoft Excel Viewer SP1
- Microsoft Excel Viewer SP2
- Microsoft Excel Viewer
- Microsoft Office Compatibility Pack 2007 SP1
- Microsoft Office Compatibility Pack 2007 SP2
- Microsoft Office Compatibility Pack 2007
References
- BugTraq: 38551
- CVE: CVE-2010-0260