MS11-096

Executive Summary

Summary
Title	Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)

Informations
Name	MS11-096	First vendor Publication	2011-12-13
Vendor	Microsoft	Last vendor Modification	2011-12-21
Severity (Vendor)	Important	Revision	1.1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important

Revision Note: V1.1 (December 21, 2011): Added Microsoft Office Compatibility Pack Service Pack 3 to the Non-Affected Software table. This is an informational change only. There were no changes to the detection logic or the update files.

Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-3403.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-096

CWE : Common Weakness Enumeration

id	Name
CWE-399	Resource Management Errors
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12345

Oval ID:	oval:org.mitre.oval:def:12345
Title:	Excel Use after Free WriteAV Vulnerability
Description:	Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-1986	Version:	5
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7	Product(s):	Microsoft Excel 2003
Definition Synopsis:
Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8341.0

Definition Id: oval:org.mitre.oval:def:12953

Oval ID:	oval:org.mitre.oval:def:12953
Title:	Excel Out of Bounds Array Indexing Vulnerability
Description:	Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-1987	Version:	7
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7	Product(s):	Microsoft Excel 2003 Microsoft Excel 2010 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack
Definition Synopsis:
Vulnerable Excel 2003 (KB2553072) Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8341.0 OR Vulnerable Excel 2007 (KB2553073) Microsoft Excel 2007 is installed AND Excel.exe version is less than 12.0.6565.5003 OR Microsoft Office 2007 (KB2553089) Microsoft Office 2007 is installed AND Oart.dll version is less than 12.0.6565.5000 OR Microsoft Office 2007 (KB2553090) Microsoft Office 2007 is installed AND Oartconv.dll version is less than 12.0.6565.5000 OR Vulnerable Excel 2010 (KB2553070) Microsoft Excel 2010 is installed AND Excel.exe version is less than 14.0.6106.5005 OR Microsoft Office 2010 (KB2553091) Microsoft Office 2010 is installed AND Oart.dll is less than 14.0.6106.5005 OR Microsoft Office 2010 (KB2553096) Microsoft Office 2010 is installed AND Oartconv.dll is less than 14.0.6106.5005 OR Excel Viewer (KB2553075) Microsoft Excel Viewer 2007 is installed AND Xlview.exe is less than 12.0.6565.5000 OR Vulnerable Compatibility Pack, Office 2007 (KB2553074) Compatibility Pack or Office 2007 Microsoft Office Compatibility Pack is installed AND Microsoft Office 2007 is installed AND Excelcnv.exe version is less than 12.0.6565.5003

Definition Id: oval:org.mitre.oval:def:14702

Oval ID:	oval:org.mitre.oval:def:14702
Title:	Record Memory Corruption Vulnerability
Description:	Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-3403	Version:	5
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7	Product(s):	Microsoft Excel 2003
Definition Synopsis:
Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8342.0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Excel cpe:/a:microsoft:excel:2010::x32 cpe:/a:microsoft:excel:2010::x64 cpe:/a:microsoft:excel:2010:sp1:x64 cpe:/a:microsoft:excel:2010:sp1:x32 cpe:/a:microsoft:excel:2007:sp2 cpe:/a:microsoft:excel:2003:sp3	6
Application	Microsoft Excel Viewer cpe:/a:microsoft:excel_viewer::sp2	1
Application	Microsoft Office cpe:/a:microsoft:office:2011::mac cpe:/a:microsoft:office:2010::x64 cpe:/a:microsoft:office:2010:sp1:x32 cpe:/a:microsoft:office:2010::x32 cpe:/a:microsoft:office:2010:sp1:x64 cpe:/a:microsoft:office:2008::mac cpe:/a:microsoft:office:2007:sp2 cpe:/a:microsoft:office:2004::mac	8
Application	Microsoft Office Compatibility Pack cpe:/a:microsoft:office_compatibility_pack:2007:sp2	1
Application	Microsoft Open Xml File Format Converter cpe:/a:microsoft:open_xml_file_format_converter:::mac	1

Open Source Vulnerability Database (OSVDB)

id	Description
77661	Microsoft Office Excel Record Parsing Object Handling Remote Memory Corruption
75384	Microsoft Office Excel Unspecified Array-Indexing Weakness Excel File Handlin...
75383	Microsoft Office Excel Unspecified Use-after-free Memory Dereference Excel Fi...

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-01-30 13:26:55	Multiple Updates

Type	Count
Oval ID(s)	3
CPE ID(s)	17
osvdb(s)	3

Related	Severity
MS12-030	(Critical)
MS11-072	(Critical)
CVE-2011-3403	(Critical)
CVE-2011-1987	(Critical)
CVE-2011-1986	(Critical)

Same Subject	Severity
Login to view 19 more Alert(s)

MS11-096

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU