This application requires Javascript for optimal performance.

MS.Excel.SLK.Buffer.Overflow

Release Date Sep 23, 2011
Severity high
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attack attempt to exploit a Heap Memory Overwrite vulnerability in Microsoft Excel. The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "SLK" file. A remote attacker may exploit this to execute arbitrary code via a crafted "SLK" file.
Affected Products Microsoft Office XP Service Pack 3 Microsoft Office 2003 Service Pack 3 Microsoft Office 2007 Service Pack 2 Microsoft Office 2010 (32-bit editions) Microsoft Office 2010 (64-bit editions) Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Microsoft Office for Mac 2011 Open XML File Format Converter for Mac Microsoft Excel Viewer Service Pack 2 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Recommended Actions Apply the latest update from the vendor. Microsoft Office XP Service Pack 3 http://www.microsoft.com/downloads/details.aspx?familyid=853c0663-94f7-4634-98ad-47ca4b1f7b1e Microsoft Office 2003 Service Pack 3 http://www.microsoft.com/downloads/details.aspx?familyid=f38f183a-9c64-406b-9bf6-807cb2d55e56 Microsoft Office 2007 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=5b271f87-a279-419f-9437-ded224fa19f1 Microsoft Office 2010 (32-bit editions) http://www.microsoft.com/downloads/details.aspx?familyid=baba7ec1-4a5e-4e13-9d0e-9085a39a0554 Microsoft Office 2010 (64-bit editions) http://www.microsoft.com/downloads/details.aspx?familyid=d6e9f422-43b0-4da5-8356-c38482e8eebb Microsoft Office 2004 for Mac http://www.microsoft.com/downloads/details.aspx?FamilyID=d12d0868-4f28-4c0a-ab61-338878064b70 Microsoft Office 2008 for Mac http://www.microsoft.com/downloads/details.aspx?FamilyID=9e2d348b-c753-4eab-838c-370cd5af5e14 Microsoft Office for Mac 2011 http://www.microsoft.com/downloads/details.aspx?FamilyID=3c58555c-1eba-42fe-a10f-b30af9031e44 Open XML File Format Converter for Mac http://www.microsoft.com/downloads/details.aspx?FamilyID=6118d5f5-b6fd-4584-be25-209534772379 Microsoft Excel Viewer Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=77c1e7e2-207f-46fd-81f2-43a25eddc010 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=3512a033-871d-49ec-a8d2-1b9c7dec4936
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2011-1276
Reference/s http://technet.microsoft.com/en-us/security/bulletin/MS11-045.mspx (MS-ID)

Reference: VID-29251

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2012 Fortinet Inc. All Rights Reserved