Signature Detail

HTTP: Microsoft Office Excel XLSX File XML Decompression Parsing Code Execution

A code execution vulnerability exists in Microsoft Office Excel. The vulnerability is due to improper handling of the ZIP header in an XLSX file when decompressing certain XML elements. This vulnerability may be exploited by remote attackers to execute arbitrary code on the target machine by enticing a user into opening a specially crafted Excel XLSX document. In attack scenarios where code execution is successful the behaviour of the target machine would depend entirely on the intention of the injected code, which would run within the security context of the logged on user. In situations where code execution is not successful, the vulnerable application may terminate abnormally, leading to a denial of service condition.

Extended Description

Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims to open a specially crafted 'XLXS' Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.

Affected Products

• Microsoft Excel 2007 SP1
• Microsoft Excel 2007 SP2
• Microsoft Excel 2007
• Microsoft Excel 2008 for Mac
• Microsoft Excel Viewer SP1
• Microsoft Excel Viewer SP2
• Microsoft Excel Viewer
• Microsoft Office Compatibility Pack 2007 SP1
• Microsoft Office Compatibility Pack 2007 SP2
• Microsoft Office Compatibility Pack 2007
• Microsoft Open XML File Format Converter for Mac
• Microsoft SharePoint Server 2007 SP1
• Microsoft SharePoint Server 2007 SP2
• Microsoft SharePoint Server 2007
• Microsoft SharePoint Server 2007 x64 SP1
• Microsoft SharePoint Server 2007 x64 SP2
• Microsoft SharePoint Server 2007 x64

References

• BugTraq: 38554
• CVE: CVE-2010-0263