Check Point Advisories

Microsoft Office Excel Use-after-free Code Execution (MS11-072)

Check Point Reference: CPAI-2011-119
Date Published: 13 Sep 2011
Severity: High
Last Updated: 1 Jan 2011
Source: Microsoft Security Bulletin MS11-072
Industry Reference:CVE-2011-1986
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2003
Vulnerability Description A remote code execution vulnerability has been reported in Microsoft Office Excel. A remote attacker could exploit this vulnerability to execute arbitrary code in an affected system.
Update/Patch AvaliableMicrosoft Security Bulletin MS11-074
Vulnerability DetailsThe vulnerability is due to lack of validation of certain record structures while handling specially crafted Excel files. A remote attacker could trigger this vulnerability by enticing an unsuspecting user to open a webpage containing a malicious Excel file. Successful exploitation would allow an attacker to gain complete control over an affected system, in the security context of the local user.

Protection Overview

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO