Check Point Advisories

Preemptive Protection against Microsoft Office Excel HLink Record Remote Code Execution Vulnerability (MS11-021)

Check Point Reference: CPAI-2011-204
Date Published: 12 Apr 2011
Severity: High
Last Updated: Saturday 01 January, 2011
Source: Microsoft Security Bulletin MS11-021
Industry Reference:CVE-2011-0104
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2002 SP3 Microsoft Excel 2003 SP3 Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac
Vulnerability Description A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS11-021
Vulnerability DetailsThe vulnerability is due to a memory handling error in Microsoft Office Excel during validation of record information while parsing a specially crafted Excel file. A remote attacker could trigger this flaw by convincing a victim to open a malicious Office file. Successful exploitation of this issue may corrupt system memory, allowing execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK