HTTP: Microsoft Excel CVE-2017-11878 Memory Corruption

This signature detects attempts to exploit a known vulnerability against Microsoft Excel. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability".

Affected Products

Microsoft excel

References

CVE: CVE-2017-11878

Short Name
HTTP:STC:DL:CVE-2017-11878-MC
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-11878 Corruption Excel Memory Microsoft
Release Date
11/14/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3639
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?