Microsoft Excel DbOrParamQry memory corruption

Added: 03/11/2010
CVE: CVE-2010-0264
BID: 38555
OSVDB: 62823

Background

Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.

Problem

A memory corruption vulnerability in Microsoft Excel allows command execution when a user opens an XLS file containing a specially crafted DbOrParamQry record.

Resolution

Apply the patch referenced in MS10-017.

References

http://archives.neohapsis.com/archives/fulldisclosure/2010-03/0174.html

Limitations

Exploit works on Microsoft Office Excel 2002 and requires a user to open the exploit file in Microsoft Excel. The file then needs to be closed before the exploit can succeed. There may be a delay before the shell connection is established.

There may be a delay after the exploit is started before it can begin handling HTTP requests.

The PERL modules 'IO::Uncompress' and 'Compress::Zlib' are required by this exploit.

Platforms

Windows

Back to exploit index