HTTP: Microsoft Office Excel SxView SXStreamID Memory Corruption (1)
This signature detects attempts to exploit a known vulnerability in Microsoft Office Excel. It is due to the way Microsoft Office Excel handles specially crafted Excel files that include a malformed SxView record, allowing for memory corruption. Remote attackers can exploit this by enticing target users to open a malicious Excel file, potentially causing arbitrary code to be injected and executed in the security context of the current logged on user.
Extended Description
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821.
Affected Products
Microsoft open_xml_file_format_converter
References
CVE: CVE-2010-1245
Short Name
HTTP:STC:DL:XLS-SXSTREAMID-1
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(1) CVE-2010-1245 Corruption Excel Memory Microsoft Office SXStreamID SxView
Release Date
12/21/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3