HTTP: Microsoft Office Excel SxView Memory Corruption
Microsoft Office Excel contains a code execution vulnerability while parsing specially crafted Excel documents. The vulnerability is due to the way Microsoft Office Excel handles specially crafted Excel files that include a malformed SxView record, allowing for memory corruption. Remote attackers can exploit this vulnerability by enticing target users to open a malicious Excel file, potentially causing arbitrary code to be injected and executed in the security context of the current logged on user. In an attack scenario, where arbitrary code is injected and executed on the target machine, the behaviour of the target is dependent on the intention of the malicious code. If such an attack is not executed successfully, the vulnerable application may terminate abnormally.
Extended Description
Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel ('.xls') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.
Affected Products
Microsoft excel_2003
Short Name
HTTP:STC:DL:XLS-SXVIEW
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2009-3128 Corruption Excel Memory Microsoft Office SxView bid:36944
Release Date
10/14/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3