Detalji

Otkriveno je nekoliko ranjivosti u programskom alatu Excel, sastavnom dijelu uredskog paketa Microsoft Office. Ranjivosti se očituju pri parsiranju posebno oblikovnih Excel dokumenata, točnije kod obrade Art objekata i Axis značajki. Zbog pogrešaka u funkcijama koje se odnose na neispravno indeksiranje nizova i nepravilno upravljanje memorijom, udaljeni napadač ima mogućnost pokretanja proizvoljnog programskog koda. Kako bi napad uspio, napadač mora navesti korisnika na otvaranje posebno oblikovanog Excel dokumenta. Za sada ne postoji nadogradnja koja otklanja spomenute ranjivosti.

Microsoft Office Excel Document Parsing Code Execution Vulnerabilities

VUPEN ID 	VUPEN/ADV-2011-0311
CVE ID 	GENERIC-MAP-NOMATCH
 
CWE ID 	Available in VUPEN VNS Customer Area
CVSS V2 	Available in VUPEN VNS Customer Area
Rated as 	Critical 
Impact 	Available in VUPEN VNS Customer Area
Authentication Level 	Available in VUPEN VNS Customer Area
Access Vector 	Available in VUPEN VNS Customer Area
Release Date 	2011-02-08
Share 	Twitter LinkedIn Facebook Delicious Digg Slashdot

Technical Description

Multiple vulnerabilities have been identified in Microsoft Office Excel, which could be exploited by attackers to compromise a vulnerable system. These issues are caused by memory corruptions, use-after-free and array indexing errors when parsing Art objects, Axis properties, or Shape data within Excel documents, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel file.

Affected Products

Microsoft Office Excel 2007
Microsoft Office Excel 2003
Microsoft Office Excel 2002

Microsoft Office 2007
Microsoft Office 2003
Microsoft Office 2002

Solution 

VUPEN Security is not aware of any vendor-supplied patch.

References

http://www.vupen.com/english/advisories/2011/0311
http://www.zerodayinitiative.com/advisories/ZDI-11-040/
http://www.zerodayinitiative.com/advisories/ZDI-11-041/
http://www.zerodayinitiative.com/advisories/ZDI-11-042/
http://www.zerodayinitiative.com/advisories/ZDI-11-043/

Credits 

Vulnerabilities reported by TippingPoint ZDI.

Changelog 

2011-02-08 : Initial release

Idi na vrh