Microsoft Windows Excel Memory Corruption Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	06/08/2010
Severity:	Medium
Operating Systems Affected:	Microsoft Windows
Application Affected:	Microsoft Office Excel 2002 SP 3 Microsoft Office Excel 2003 SP 3 Microsoft Office Excel 2007 SP 1 Microsoft Office Excel 2007 SP 2 Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Microsoft Office Excel Viewer SP 1 Microsoft Office Excel Viewer SP 2 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP 1 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP 2
Identifiers:	CVE-2010-0823 CVE-2010-1247 CVE-2010-1249

Synopsis

Microsoft Excel is vulnerable to memory corruption attack that allows remote attacker to take control of victim machine.

Recommended Actions

Patch is available from vendor.
http://www.microsoft.com/technet/security/Bulletin/MS10-038.mspx

Threat Analysis

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data and macros that populate spreadsheet cells, and so on.

There is a memory corruption vulnerability found it. This issue exists as application failed to parse the specially crafted XLS file records and leads to memory corruption.

Remote attacker to exploit the victim machine installed with vulnerable version of the application. Attacker can take control of victim machine on successful attempt.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0823 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1247 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1249

Write-up by: Vikrant