CVE-2011-0097 - Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 fo

CVE-2011-0097

Summary

Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted 400h substream in an Excel file, which triggers a stack-based buffer overflow, aka "Excel Integer Overrun Vulnerability."

References

Vulnerable Configurations

cpe:2.3:a:microsoft:excel:-:-:x64:*:*:*:*:*
cpe:2.3:a:microsoft:excel:-:-:x64:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2010:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2010:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_viewer:-:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_viewer:-:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*

CVSS

Base:	9.3 (as of 12-10-2018 - 21:59)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

msbulletin via4

bulletin_id	MS11-021
bulletin_url
date	2011-04-12T00:00:00
impact	Remote Code Execution
knowledgebase_id	2489283
knowledgebase_url
severity	Important
title	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution

oval via4

accepted

2014-06-30T04:00:38.612-04:00

class

vulnerability

contributors

name Dragos Prisaca
organization Symantec Corporation
name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.
name Josh Turpin
organization Symantec Corporation
name Maria Kedovskaya
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment Microsoft Excel 2002 is installed
oval oval:org.mitre.oval:def:473
comment Microsoft Excel 2003 is installed
oval oval:org.mitre.oval:def:764
comment Microsoft Excel 2007 is installed
oval oval:org.mitre.oval:def:1745
comment Microsoft Excel 2010 is installed
oval oval:org.mitre.oval:def:12658
comment Microsoft Excel Viewer 2007 is installed
oval oval:org.mitre.oval:def:6006
comment Microsoft Office Compatibility Pack is installed
oval oval:org.mitre.oval:def:1853
comment Microsoft Office 2007 is installed
oval oval:org.mitre.oval:def:1211

description

family

windows

oval:org.mitre.oval:def:12612

status

accepted

submitted

2011-04-12T13:00:00

title

Excel Integer Overrun Vulnerability

version

refmap via4

bid	47201
cert	TA11-102A
misc	http://secunia.com/secunia_research/2011-31
osvdb	71758
sectrack	1025337
secunia	39122
vupen	ADV-2011-0940

saint via4

bid	47201
description	Microsoft Excel Substream Parsing Integer Overflow
id	win_patch_excel2007
osvdb	71758
title	excel_substream_parsing_integer_overflow
type	client

Last major update

12-10-2018 - 21:59

Published

13-04-2011 - 18:55

Last modified

12-10-2018 - 21:59