Executive Summary

Informations
NameCVE-2011-1987First vendor Publication2011-09-15
VendorCveLast vendor Modification2012-01-26

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1987

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12953
 
Oval ID: oval:org.mitre.oval:def:12953
Title: Excel Out of Bounds Array Indexing Vulnerability
Description: Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2011-1987
Version: 11
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Product(s): Microsoft Excel 2003
Microsoft Excel 2010
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application6
Application1
Application8
Application1
Application1

OpenVAS Exploits

DateDescription
2011-12-14Name : Microsoft Office Excel Remote Code Execution Vulnerability (2640241)
File : nvt/secpod_ms11-096.nasl
2011-09-14Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2587505)
File : nvt/secpod_ms11-072.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
75384Microsoft Office Excel Unspecified Array-Indexing Weakness Excel File Handlin...

Information Assurance Vulnerability Management (IAVM)

DateDescription
2011-09-15IAVM : 2011-A-0124 - Multiple Vulnerabilities in Microsoft Office Excel
Severity : Category II - VMSKEY : V0030245

Snort® IPS/IDS

DateDescription
2014-11-16Microsoft Office Excel invalid Lbl record attempt
RuleID : 31579 - Revision : 1 - Type : FILE-OFFICE
2014-11-16Microsoft Office Excel malformed chart arbitrary code execution attempt
RuleID : 31441 - Revision : 1 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel ShrFmla record use after free attempt
RuleID : 28137 - Revision : 3 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid Lbl record
RuleID : 23533 - Revision : 3 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid Lbl record
RuleID : 23532 - Revision : 3 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid Lbl record
RuleID : 23531 - Revision : 3 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel Lel record memory corruption attempt
RuleID : 21422 - Revision : 6 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel Lel record memory corruption attempt
RuleID : 20718 - Revision : 10 - Type : FILE-OFFICE
2014-01-10Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt
RuleID : 20128 - Revision : 13 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel Conditional Formatting record vulnerability
RuleID : 20127 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid Lbl record
RuleID : 20126 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid Lbl record
RuleID : 20125 - Revision : 9 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid Lbl record attempt
RuleID : 20124 - Revision : 12 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel ShrFmla record use after free attempt
RuleID : 20123 - Revision : 12 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid AxisParent record
RuleID : 20122 - Revision : 10 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel invalid AxisParent record
RuleID : 20121 - Revision : 10 - Type : FILE-OFFICE
2014-01-10Microsoft Office Excel malformed chart arbitrary code execution attempt
RuleID : 13981 - Revision : 18 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

DateDescription
2011-12-13Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-096.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : macosx_ms_office_dec2011.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-072.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : Arbitrary code can be executed on the remote host through Microsoft Excel.
File : macosx_ms11-072.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
CERThttp://www.us-cert.gov/cas/techalerts/TA11-256A.html
MShttp://technet.microsoft.com/en-us/security/bulletin/MS11-072

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2014-11-16 21:24:33
  • Multiple Updates
2014-06-05 21:22:35
  • Multiple Updates
2014-02-17 11:02:32
  • Multiple Updates
2014-01-19 21:27:51
  • Multiple Updates
2013-11-11 12:39:25
  • Multiple Updates
2013-05-10 23:00:57
  • Multiple Updates