Check Point Advisories

Workaround for Microsoft Excel CrErr BIFF Record Parsing Integer Overflow Vulnerability (MS10-080)

Check Point Reference: SBP-2010-27
Date Published: 12 Oct 2010
Severity: High
Last Updated: Friday 03 December, 2010
Source: Microsoft Security Bulletin MS10-080
Industry Reference:CVE-2010-3230
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2002 SP3
Vulnerability Description A memory corruption vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS10-080
Vulnerability DetailsThe vulnerability is due to an error in Microsoft Office Excel that fails to properly validate record information upon opening a specially crafted Excel file. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted Excel file that includes a malformed CrErr BIFF record. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK