Release DateMar 10, 2010 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a memory corruption vulnerability in Microsoft Office Excel.The vulnerability is caused by an error when the vulnerable software is parsing a malformed ".xlsx" file. It may allow remote attackers to execute arbitrary code by sending a crafted XLSX file. |
Affected ProductsMicrosoft Office Excel 2007 Service Pack 1 and Microsoft Office Excel 2007 Service Pack 2Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Microsoft Office Excel Viewer Service Pack 1 and Microsoft Office Excel Viewer Service Pack 2 Microsoft Office Compatibility Pack for Word, Excel, an Microsoft Office SharePoint Server 2007 Service Pack 1 (32-bit editions) and Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions) Microsoft Office SharePoint Server 2007 Service Pack 1 (64-bit editions) and Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions) |
Recommended ActionsRefer to the vendor's web site for suggested workaround.http://www.microsoft.com/technet/security/Bulletin/ms10-017.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2010-0263 |
Reference/shttp://www.microsoft.com/technet/security/Bulletin/ms10-017.mspx (MS-ID) |