[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20090609171142.9C47C208001@sticky.vrt.telus.com>
Date: Tue, 9 Jun 2009 13:11:42 -0400 (EDT)
From: TELUS Security Labs - Vulnerability Research <noreply@...us.com>
To: full-disclosure@...ts.grok.org.uk
Subject: TELUS Security Labs VR - Microsoft Office Excel
Malformed Records Stack Buffer Overflow
Microsoft Office Excel Malformed Records Stack Buffer Overflow
TSL ID : FSC20090609-01
Reference: http://telussecuritylabs.com/threats/show/FSC20090609-01
1. Affected Software
Microsoft Office Excel 2000
Microsoft Office Excel 2002
Reference: http://office.microsoft.com/en-us/excel/default.aspx
2. Vulnerability Summary
A remotely exploitable vulnerability has been discovered in Microsoft Office Excel products. Specifically, the vulnerability is due to a design error encountered when parsing Excel files which contain malformed records. Remote attackers can exploit this vulnerability by enticing target users to open a malicious Excel file.
3. Vulnerability Analysis
A remote attacker can exploit the vulnerability by sending a malicious Excel file to the target system and enticing the target user to open it. A successful code execution attempt will result in the execution of arbitrary code within the security privileges of the currently logged in user. An unsuccessful attack attempt will result in abnormal termination of the Microsoft Office Excel application.
4. Vulnerability Detection
TELUS Security Labs has confirmed the vulnerability in:
Microsoft Office Excel 2000
5. Workaround
Apply the vendor's patch, remove file associations to affected files, or block Excel resources originating from untrusted networks.
6. Vendor Response
Microsoft has released a bulletin addressing this vulnerability.
Reference: http://www.microsoft.com/technet/security/bulletin/MS09-021.mspx
7. Disclosure Timeline
2008-12-23 Reported to vendor
2008-12-23 Initial vendor response
2009-06-09 Vendor disclosure
8. Credits
Vulnerability Research Team, TELUS Security Labs
9. References
CVE: FSC20090609-01
Vendor: MS09-021
10. About TELUS Security Labs Vulnerability Research Service
The Vulnerability Research Service (VRS) gives an in-depth understanding of the mechanisms and properties of software vulnerabilities. This service provides lab-based analysis of vulnerabilities based on disassembly, protocol analysis, and source-code analysis.
Our vulnerability data enables security product vendors to deliver product updates without the need for additional research. This data also gives MSPs and enterprise security teams the tools and knowledge to more effectively protect their environments without time-consuming research.
http://telussecuritylabs.com/vulnerabilities
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists