MS.Office.VBA.Module.Stream.Use.After.Free.Memory.Corruption

Release Date Dec 13, 2011
Severity critical
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attack attempt to exploit a Memory Corruption vulnerability in Microsoft Office. This issue is caused by an error when handling a "xls" file with malformed VBA streams. It can be exploited via a crafted "xls" file, leading to remote code execution.
Affected Products Microsoft Office 2003 Microsoft Office 2007 Microsoft Office 2010
Recommended Actions Currently we are not aware of any vendor supplied patch for this issue.
Coverage IPS VCM
Reference/s http://aluigi.altervista.org/adv/excel_1-adv.txt

Fortinet