HTTP: Microsoft Office Excel Chart Object Memory Corruption
This signature detects attempts to exploit a known vulnerability in Microsoft Office Excel. It is due to the way the product parses Excel documents, allowing for memory corruption. Remote attackers can exploit this by enticing target users to open a malicious Excel file, potentially causing arbitrary code to be injected and executed in the security context of the current logged on user.
Extended Description
Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.
Affected Products
Avaya messaging_application_server,Microsoft excel_viewer
Short Name
HTTP:STC:DL:XLS-CHART-OBJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-0822 CVE-2010-0823 Chart Corruption Excel Memory Microsoft Object Office bid:40520 bid:40521
Release Date
10/05/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3