iPolicy Networks Security Advisory
 

Microsoft Windows Excel Record Parsing Code Memory Corruption Vulnerability

Date Discovered: 06/08/2010
Severity: Medium
Operating Systems Affected: Microsoft Windows
Application Affected: Microsoft Office Excel 2002 SP 3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
Identifiers: CVE-2010-1245
Synopsis
Microsoft Excel is vulnerable to a memory corruption attack that allows a remote attacker to take control of the victim machine.
Recommended Actions
A patch is available from the vendor.
http://www.microsoft.com/technet/security/Bulletin/MS10-038.mspx
Threat Analysis
Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data and macros that populate spreadsheet cells, and so on.

A memory corruption vulnerability has been found in it. The issue exists because the application fails to correctly parse the records of a specially crafted XLS file, which leads to memory corruption.

A remote attacker can exploit a victim machine that has a vulnerable version of the application installed. On a successful attempt, the attacker can take control of the victim machine.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1245

Write-up by: Vikrant