HTTP: Microsoft Office Excel XLSX File XML Decompression Parsing Code Execution
A code execution vulnerability exists in Microsoft Office Excel. The vulnerability is due to improper handling of the ZIP header in an XLSX file when decompressing certain XML elements. This vulnerability may be exploited by remote attackers to execute arbitrary code on the target machine by enticing a user into opening a specially crafted Excel XLSX document. In attack scenarios where code execution is successful the behaviour of the target machine would depend entirely on the intention of the injected code, which would run within the security context of the logged on user. In situations where code execution is not successful, the vulnerable application may terminate abnormally, leading to a denial of service condition.
Extended Description
Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims to open a specially crafted 'XLXS' Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.
Affected Products
Microsoft excel_viewer
Short Name
HTTP:STC:DL:XLS-XML-ZIP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-0263 Code Decompression Excel Execution File Microsoft Office Parsing XLSX XML bid:38554
Release Date
10/18/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3717
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3