Microsoft Excel File Format Parsing Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	10/14/2008
Severity:	High
Applications Affected:	Microsoft Office 2000 SP3 Microsoft Office XP SP3 Microsoft Office 2003 SP2 Microsoft Office 2003 SP3 Microsoft Office Excel Viewer 2003 Microsoft Office Excel Viewer 2003 SP3 Microsoft Office Excel Viewer

Synopsis

Microsoft Excel is prone to a file format vulnerability. The vulnerability exists in the way of improper memory allocation when loading Excel objects. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-057.mspx

Threat Analysis

A vulnerability exists in Microsoft Excel that allows an attacker to execute remote code when opening a specially crafted attacker-supplied Excel spreadsheet. The specific flaw exists in the way Microsoft Excel parses the Excel spreadsheet file format.

An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs, view, change, delete data or create new accounts with full user rights.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3471

Write-up by: Aditya Chaturvedi

Security Sites

“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”

Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner

| | | | | | | | |