Microsoft Excel SLK File Parsing Buffer Overflow

2011-08-15T00:00:00
ID SAINT:E340427B2DB16A1A0B508A5B99066414
Type saint
Reporter SAINT Corporation
Modified 2011-08-15T00:00:00

Description

Added: 08/15/2011
CVE: CVE-2011-1276
BID: 48161
OSVDB: 72924

Background

Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.

Problem

Microsoft Office Excel is vulnerable to remote code execution due to improper boundary checking while parsing SLK data exchange files that results in buffer overflow. A remote attacker can exploit this vulnerability by enticing a target user to open a malicious Excel file, potentially causing arbitrary code to be injected and executed in the security context of the currently logged on user.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 11-045.

References

<http://secunia.com/advisories/44901/>

Limitations

Exploit works on Microsoft Excel 2002 SP3 on Windows XP SP3 English (DEP OptIn) with KB2483185.

The target user must open the exploit file in Microsoft Excel 2002 SP3.

Platforms

Windows