Content
(MS09-067) Excel Field Sanitization Vulnerability (972652)
- Type
- Buffer Overflow
- Impact of exploitation
- Remote Code Execution
- User Interaction
- user interaction is needed
- Attack Vector
- Maliciously Crafted File
- Rating
- Medium
- CVE reference
- CVE-2009-3134,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Excel 2002 SP3,
- Excel 2003 SP3,
- Excel 2007 SP2,
- Office for Mac 2004,
- Office for Mac 2008,
- Open XML File Format Converter for Mac 1.0,
- Excel Viewer 2003 SP3,
- Office Compatibility Pack For Word Excel Ppt 2007 ,
- Summary
- A remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object.
Tab Navigation
Description
A remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. ? The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must open an attachment that is sent in an e-mail message. ? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-067) Excel Field Sanitization Vulnerability (972652)
- Signature identifier:
- 7326
- Release date:
- 11/10/2009
Additional Resources
(MS09-067) Excel Field Sanitization Vulnerability (972652)
http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx
All Information
Timeline -
11/10/2009
Vendor has provided a patch.
Description -
A remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. ? The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must open an attachment that is sent in an e-mail message. ? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-067) Excel Field Sanitization Vulnerability (972652)
- Signature identifier:
- 7326
- Release date:
- 11/10/2009
Additional Resources
Additional Resources -
(MS09-067) Excel Field Sanitization Vulnerability (972652)
http://www.microsoft.com/technet/security/bulletin/ms09-067.mspx
