
Four Remote Code Execution Vulnerabilities Discovered in Microsoft Excel


Microsoft Security Bulletin MS12-076

Summary


Four vulnerabilities have been found in Microsoft Excel, with three being ranked Critical in severity and one ranked High. A remote attacker could exploit any of these issues to take complete control of a targeted system. The Check Point IPS Software Blade provides protection against all of these issues in the latest IPS release.

Details

Remote code execution vulnerabilities exist in the way that Microsoft Excel handles specially crafted Excel files. An attacker who successfully exploits any of these vulnerabilities could take complete control of a targeted system. The attacker could then install programs; view, change, or delete data; and/or create new accounts with full user rights.

Affected Products


Please consult the Check Point Protection links in the table below to determine which versions of Excel are affected by each issue.

Solution

The Check Point IPS Software Blade provides immediate network protection against all of these issues in the latest IPS update by detecting and blocking transferal of malformed Excel files. The following table lists each vulnerability with its severity as well as the associated CVE reference and Check Point Protection.

| Microsoft Excel Vulnerability | Severity | Industry Reference | Check Point Protection |
|---|---|---|---|
| SerAuxErrBar Heap Overflow | Critical | CVE-2012-1885 | CPAI-2012-402 |
| Malformed File Memory Corruption | Critical | CVE-2012-1886 | CPAI-2012-790 |
| SST Invalid Length Use After Free | Critical | CVE-2012-1887 | CPAI-2012-802 |
| Modified Data Structure Stack Overflow | High | CVE-2012-2543 | CPAI-2012-795 |

 

Originally Published:

Last Updated: 14-Nov-2012
