Check Point Advisories

Workaround for Microsoft Excel CrErr BIFF Record Parsing Integer Overflow Vulnerability (MS10-080)

Check Point Reference: SBP-2010-27
Date Published: 12 Oct 2010
Severity: High
Last Updated: 3 Dec 2010
Source: Microsoft Security Bulletin MS10-080
Industry Reference:CVE-2010-3230
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2002 SP3
Vulnerability Description A memory corruption vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS10-080
Vulnerability DetailsThe vulnerability is due to an error in Microsoft Office Excel that fails to properly validate record information upon opening a specially crafted Excel file. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted Excel file that includes a malformed CrErr BIFF record. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO