Lucene search
SAINT CorporationSAINT:333D5446C7DD2987A431C5E041EB025CHistoryOct 20, 2010 - 12:00 a.m.
Microsoft Office Excel RTD Topic String Buffer Overflow
2010-10-2000:00:00
SAINT Corporation
www.saintcorporation.com
17
0.952 High
EPSS
Percentile
99.1%
Added: 10/20/2010
CVE: CVE-2010-1246
BID: 40524
OSVDB: 65238
Background
Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms.
Problem
Microsoft Office Excel 2002 is vulnerable to a buffer overflow when parsing Real Time Data (RTD) Future Record Types (FRT) records (record type 0x813) with a malformed Topic string (rgchTopic) in an Excel file.
Resolution
Apply the update referenced in Microsoft Security Bulletin 10-038.
References
<http://secunia.com/advisories/37500/>
Limitations
Exploit works on Microsoft Excel 2002 SP3 and requires the user to open the exploit file in Excel.
It may take some time to establish the shell session as the exploit needs to search the shellcode in memory.
Platforms
Windows
Related
seebug
seebug
Excel RTD - Memory Corruption
2014-07-01 00:00:00
prion
prion
Stack overflow
2010-06-08 20:30:00
securityvulns
securityvulns
packetstorm
packetstorm
Month Of Abysssec Undisclosed Bugs - Excel RTD Memory Corruption
2010-09-11 00:00:00
saint
saint
Microsoft Office Excel RTD Topic String Buffer Overflow
2010-10-20 00:00:00
Microsoft Office Excel RTD Topic String Buffer Overflow
2010-10-20 00:00:00
Microsoft Office Excel RTD Topic String Buffer Overflow
2010-10-20 00:00:00
cve
cve
CVE-2010-1246
2010-06-08 20:30:00
checkpoint_advisories
checkpoint_advisories
exploitpack
exploitpack
Excel RTD - Memory Corruption
2010-09-10 00:00:00
exploitdb
exploitdb
Excel RTD - Memory Corruption
2010-09-10 00:00:00
openvas
openvas
Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452)
2010-06-09 00:00:00
Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452)
2010-06-09 00:00:00
nessus
nessus