Check Point Advisories

Preemptive Protection against Microsoft Excel Incorrect BIFF2 Record Parsing Code Execution (MS11-072; CVE-2011-1988)

Check Point Reference: CPAI-2011-556
Date Published: 29 Nov 2011
Severity: High
Last Updated: Saturday 01 January, 2011
Source: SecurityFocus Advisory: 49478
Industry Reference:CVE-2011-1988
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Excel Viewer
Microsoft Open XML File Format Converter for Mac
Vulnerability Description A remote code execution vulnerability has been reported in Microsoft Excel.
Vulnerability DetailsThe vulnerability is due to a heap memory corruption while parsing certain BIFF2 records in Excel files. A remote attacker could exploit this vulnerability by enticing a target user to open a malicious BIFF2 file using a vulnerable version of Excel. Successful exploitation could allow an attacker to execute arbitrary code, in the security context of the target user.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK