HTTP: Microsoft Office Excel Sheet Object Type Confusion
This signature detects attempts to exploit a known code execution vulnerability exists in Microsoft Office Excel. It is due to a memory corruption error when processing a malformed BoundSheet record in an Excel spreadsheet. This can be exploited by remote unauthenticated attackers to execute arbitrary code on the target machine by enticing a user into opening a specially crafted Excel document. In a successful attack, the behavior of the target machine depends entirely on the logic of the injected code, which runs within the security context of the logged on user. In an unsuccessful attack, the vulnerable application can terminate abnormally.
Extended Description
Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.
Affected Products
Microsoft excel_2003
Short Name
HTTP:STC:DL:XLS-SHEET-OBJ
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2010-0258 Confusion Excel Microsoft Object Office Sheet Type bid:38550
Release Date
10/14/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3733
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3