HTTP: Microsoft Office VBA Module Stream Use after Free

A use-after-free vulnerability has been identified in Microsoft Excel. The vulnerability can be exploited by enticing a user to open a crafted file and perform certain actions. If exploited successfully, the vulnerability could possibly permit execution of arbitrary code in the security context of the target user. At the time of writing no patch or advisory regarding this vulnerability was available from Microsoft.

Short Name
HTTP:STC:DL:OFFICE-VBA-UAF
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Free Microsoft Module Office Stream Use VBA after
Release Date
01/12/2012
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3578
False Positive
Rarely

Found a potential security threat?