SB2011041202 - Multiple vulnerabilities in Microsoft Excel

Security Bulletin ID SB2011041202

Severity

Critical

Patch available

YES

Number of vulnerabilities 9

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Resource Management Errors (CVE-ID: CVE-2011-0980)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper management of data structures when parsing Office Arts objects. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

2) Memory corruption (CVE-ID: CVE-2011-0979)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper management of members of a data structures while parsing Office Art records in Excel spreadsheets. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

3) Stack-based buffer overflow (CVE-ID: CVE-2011-0978)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to array indexing error when validating record information. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger stack-based buffer overlow and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

4) Buffer overflow (CVE-ID: CVE-2011-0105)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow when data initialization. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

5) Buffer overflow (CVE-ID: CVE-2011-0104)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow during validation of record information. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

6) Memory corruption (CVE-ID: CVE-2011-0103)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when handling malformed documents. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

7) Memory corruption (CVE-ID: CVE-2011-0101)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when validating record information within the methods used for RealTimeData Record Parsing. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

8) Heap-based buffer overflow (CVE-ID: CVE-2011-0098)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when parsing record information. A remote attacker can create a specially crafted Excel file with a large record size, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

9) Integer Underflow (CVE-ID: CVE-2011-0097)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to integer underflow when parsing record information. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Remediation

Install update from vendor's website.

References

https://technet.microsoft.com/en-us/library/security/ms11-021.aspx

SB2011041202 - Multiple vulnerabilities in Microsoft Excel

Breakdown by Severity

Description

Remediation

References

Please verify you're human