MS.Excel.Drawing.Layer.Dangling.Pointer.Remote.Code.Execution

Release Date

Sep 29, 2011

Severity

high

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Description

This indicates an attempt to exploit a use-after-free vulnerability in Microsoft Excel.

The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "XLS" file. A remote attacker can exploit this to execute arbitrary code via a crafted "XLS" file.

Affected Products

Microsoft Open XML File Format Converter for Mac
Microsoft Office 2008 for Mac
Microsoft Office 2007 SP2
Microsoft Office 2007 SP1
Microsoft Office 2007
+ Microsoft Access 2007
+ Microsoft Excel 2007
+ Microsoft Groove 2007
+ Microsoft InfoPath 2007
+ Microsoft Office Communicator 2007
+ Microsoft Outlook 2007
+ Microsoft PowerPoint 2007
+ Microsoft Project Professional 2007
+ Microsoft Project Standard 2007
+ Microsoft Publisher 2007
+ Microsoft SharePoint Designer 2007
+ Microsoft Visio Professional 2007
+ Microsoft Visio Standard 2007
Microsoft Office 2004 for Mac
Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2003
+ Microsoft Excel 2003
+ Microsoft FrontPage 2003
+ Microsoft InfoPath 2003
+ Microsoft OneNote 2003
+ Microsoft Outlook 2003
+ Microsoft PowerPoint 2003
+ Microsoft Publisher 2003
Microsoft Excel 2007 SP2
Microsoft Excel 2007 SP1
Microsoft Excel 2007

Recommended Actions

Apply the latest update from the vendor.

Microsoft Office 2008 for Mac
Microsoft Office2008-1229UpdateEN.dmg
http://www.microsoft.com/downloads/details.aspx?FamilyID=84dfe3f4-a2a1-47b9-8da1-29ae67230918

Microsoft Office 2003 SP3
Microsoft office2003-KB2509503-FullFile-ENU.exe
http://www.microsoft.com/downloads/details.aspx?familyid=8b68cf68-1606-4649-b860-a64702c6cf33

Microsoft Open XML File Format Converter for Mac
Microsoft OpenXMLConverter119.dmg
http://www.microsoft.com/downloads/details.aspx?FamilyID=0c323a12-6385-4666-ad39-a9516a8eda14

Microsoft Office 2004 for Mac
Microsoft Office2004-1163UpdateEN.dmg
http://www.microsoft.com/downloads/details.aspx?FamilyID=f756d836-6ab2-4adb-9dee-6cb523d7c1f5

Microsoft Office 2007 SP2
Microsoft Office2007-kb2509488-fullfile-x86-glb.exe
http://www.microsoft.com/downloads/details.aspx?familyid=dbba0cd4-ab72-4e2b-9524-fd6be27f0b02

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2011-0977

Reference/s

http://www.zerodayinitiative.com/advisories/ZDI-11-043/
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft
http://technet.microsoft.com/en-us/security/bulletin/ms11-023.mspx (MS-ID)
http://www.securityfocus.com/bid/46227 (BugTraq)

Reference: VID-29200