Lucene search
AnonymousZDI-12-184HistoryNov 15, 2012 - 12:00 a.m.
Microsoft Excel Feature11/Feature12 Record Trusted Counter Remote Code Execution Vulnerability
2012-11-1500:00:00
Anonymous
www.zerodayinitiative.com
15
0.924 High
EPSS
Percentile
99.0%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Excel’s parsing of Feature11/Feature12 records. The process trusts a supplied counter value without validating its size and proceeds to use it within a copy operation to the stack. An attacker can abuse this to execute arbitrary code under the context of the user running Excel.
Related
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2012-2543
2012-11-14 00:55:01
symantec
symantec
cvelist
cvelist
CVE-2012-2543
2012-11-14 00:00:00
prion
prion
Stack overflow
2012-11-14 00:55:00
cve
cve
CVE-2012-2543
2012-11-14 00:55:01
openvas
openvas
Microsoft Office Remote Code Execution Vulnerabilities (2720184) - Mac OS X
2012-11-14 00:00:00
Microsoft Office Remote Code Execution Vulnerabilities (2720184)
2012-11-14 00:00:00
Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)
2012-11-14 00:00:00
securityvulns
securityvulns
Microsoft Excel multiple security vulnerabilities
2012-11-18 00:00:00
nessus
nessus
mskb
mskb