Microsoft Excel Substream Parsing Integer Overflow

Added: 11/08/2011
CVE: CVE-2011-0097
OSVDB: 71758

Background

Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.

Problem

Microsoft Excel 2007 versions lacking the patch (KB2464583) detailed in Microsoft Security Advisory MS11-021 contain an integer overflow vulnerability when parsing data included in a 400h substream. An attacker who entices a user to open a specially formatted Excel document may be able to execute arbitrary code on the user's system.

Resolution

Apply the patch outlined in Microsoft Security Advisory MS11-021.

References

http://technet.microsoft.com/en-us/security/bulletin/MS11-021
http://secunia.com/advisories/39122/

Limitations

Exploit works on Microsoft Excel 2007 SP2.

This exploit requires the Compress-Zlib PERL module, which is available from cpan.org.

Platforms

Windows XP
Windows 7

Back to exploit index