Preemptive Protection against Microsoft Office Excel HLink Record Remote Code Execution Vulnerability (MS11-021)
| Check Point Reference: | CPAI-2011-204 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS11-021 | |
| Industry Reference(s): | CVE-2011-0104 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Excel 2002 SP3
Microsoft Excel 2003 SP3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
| ||
| Vulnerability Description A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS11-021 |
|
|
Vulnerability Details The vulnerability is due to a memory handling error in Microsoft Office Excel during validation of record information while parsing a specially crafted Excel file. A remote attacker could trigger this flaw by convincing a victim to open a malicious Office file. Successful exploitation of this issue may corrupt system memory, allowing execution of arbitrary code on a vulnerable system. |
Protection Overview
This protection will detect and block the transferring of malformed Excel files over HTTP. No update is required to address this vulnerability.
Users are protected against this vulnerability if the protection against crafted Microsoft Office Excel files found in the Protection section of CPAI-2006-253 has been applied.
To configure the defense, select your product from the list below and follow the related protection steps.