Microsoft Excel Substream Parsing Integer Overflow

Added: 11/08/2011
CVE: CVE-2011-0097
OSVDB: 71758


Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.


Microsoft Excel 2007 versions lacking the patch (KB2464583) detailed in Microsoft Security Advisory MS11-021 contain an integer overflow vulnerability when parsing data included in a 400h substream. An attacker who entices a user to open a specially formatted Excel document may be able to execute arbitrary code on the user's system.


Apply the patch outlined in Microsoft Security Advisory MS11-021.



The exploit works on Microsoft Excel 2007 SP2.

This exploit requires the Compress-Zlib Perl module, which is available from


Windows XP
Windows 7
