Check Point Advisories

Preemptive Protection against Microsoft Excel Heap Corruption Code Execution (MS11-072; CVE-2011-1988)

Check Point Reference: CPAI-2011-412
Date Published: 13 Sep 2011
Severity: High
Last Updated: Saturday 01 January, 2011
Source: Microsoft Security Bulletin MS11-072
Industry Reference:CVE-2011-1988
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2003 Service Pack 3
Microsoft Excel 2007 Service Pack 2
Microsoft Office 2007 Service Pack 2
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
Microsoft Excel Viewer Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Vulnerability Description A remote code execution vulnerability has been reported in Microsoft Excel. A remote attacker could exploit this vulnerability to execute arbitrary code in an affected system.
Vulnerability DetailsThe vulnerability is due to an error in the way Excel parses certain records in Excel files. A remote attacker could trigger this vulnerability by enticing an affected user to open a malicious Excel file. Successful exploitation would allow an attacker to gain complete control over an affected system, in the security context of the logged-on user.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK