Microsoft Office Excel Multiple Vulnerabilities

by Carol~ Moderator - 11/13/12 12:04 PM

In Reply to: VULNERABILITIES / FIXES - November 13, 2012 by Carol~ Moderator

Release Date : 2012-11-13

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status: Vendor Patch

Software: Microsoft Excel 2003
Microsoft Excel 2010
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office 2010
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Excel 2007
Microsoft Office Excel Viewer 2007
Microsoft Office for Mac 2011

Description:
Multiple vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.

1) An error when processing the "SerAuxErrBar" record can be exploited to cause a heap-based buffer overflow via a specially crafted file.

2) An input validation error can be exploited to corrupt memory via a specially crafted file.

3) A use-after-free error when processing the "SST" record can be exploited via a specially crafted file.

4) An error when processing certain data structures can be exploited to cause a stack-based buffer overflow via a specially crafted file.

Successful exploitation of the vulnerabilities allows execution of arbitrary code, but requires tricking a user into opening a malicious file.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits:
1) Sean Larsson via iDefense.
2, 3) An anonymous person via iDefense.
4) An anonymous person via ZDI.

Original Advisory:
MS12-076 (KB2597126, KB2687307, KB2687311, KB2687313, KB2687481, KB2764047, KB2764048):
http://technet.microsoft.com/en-us/security/bulletin/ms12-076

http://secunia.com/advisories/51242/