Check Point Advisories

Workaround for Multiple Microsoft Office Excel BIFF4, BIFF5, and BIFF6 Records Vulnerabilities (MS11-021)

Check Point Reference: SBP-2011-06
Date Published: 12 Apr 2011
Severity: High
Last Updated: 15 Apr 2011
Source: Microsoft Security Bulletin MS11-021
Industry Reference:CVE-2011-0097
CVE-2011-0098
CVE-2011-0103
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2002 SP3 Microsoft Excel 2003 SP3 Microsoft Excel 2007 SP2 Microsoft Exce 2010 (32-bit editions) Microsoft Excel (64-bit editions) Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Microsoft Excel Viewer SP2 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2
Vulnerability Description Multiple memory corruption vulnerabilities have been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit these issues via a malformed Excel file. Successful exploitation of these vulnerabilities may allow execution of arbitrary code on a target system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS11-021 
Vulnerability DetailsThe vulnerabilities are due to a memory handling error in Microsoft Office Excel during validation of record information while parsing a specially crafted Excel file. A remote attacker could trigger this flaw by convincing a victim to open a malicious Office file. Successful exploitation of this issue may corrupt system memory, allowing execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO