Intrusion Prevention

MS.Excel.Memory.Heap.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Heap Memory Overwrite vulnerability in Microsoft Excel.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "XLS" file. A remote attacker cany exploit this to execute arbitrary code via a crafted "XLS" file.

Affected Products

Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office for Mac 2011
Open XML File Format Converter for Mac
Microsoft Excel Viewer Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
Microsoft Office XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=853c0663-94f7-4634-98ad-47ca4b1f7b1e
Microsoft Office 2003 Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=f38f183a-9c64-406b-9bf6-807cb2d55e56
Microsoft Office 2007 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=5b271f87-a279-419f-9437-ded224fa19f1
Microsoft Office 2010 (32-bit editions)
http://www.microsoft.com/downloads/details.aspx?familyid=baba7ec1-4a5e-4e13-9d0e-9085a39a0554
Microsoft Office 2010 (64-bit editions)
http://www.microsoft.com/downloads/details.aspx?familyid=d6e9f422-43b0-4da5-8356-c38482e8eebb
Microsoft Office 2004 for Mac
http://www.microsoft.com/downloads/details.aspx?FamilyID=d12d0868-4f28-4c0a-ab61-338878064b70
Microsoft Office 2008 for Mac
http://www.microsoft.com/downloads/details.aspx?FamilyID=9e2d348b-c753-4eab-838c-370cd5af5e14
Microsoft Office for Mac 2011
http://www.microsoft.com/downloads/details.aspx?FamilyID=3c58555c-1eba-42fe-a10f-b30af9031e44
Open XML File Format Converter for Mac
http://www.microsoft.com/downloads/details.aspx?FamilyID=6118d5f5-b6fd-4584-be25-209534772379
Microsoft Excel Viewer Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=77c1e7e2-207f-46fd-81f2-43a25eddc010
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=3512a033-871d-49ec-a8d2-1b9c7dec4936

CVE References

CVE-2011-1275