CERT-In Vulnerability Note
CIVN-2012-0112
Multiple Vulnerabilities in Microsoft Excel
Original Issue Date: November 14, 2012
Severity Rating: MEDIUM
Systems Affected
- Microsoft Excel 2003 Service Pack 3
- Microsoft Excel 2007 Service Pack 2
- Microsoft Excel 2007 Service Pack 3
- Microsoft Excel 2010 Service Pack 1 (32-bit editions)
- Microsoft Excel 2010 Service Pack 1 (64-bit editions)
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Microsoft Excel Viewer
- Microsoft Office Compatibility Pack Service Pack 2
- Microsoft Office Compatibility Pack Service Pack 3
Overview
Multiple vulnerabilities have been reported in Microsoft Excel. They could be exploited by a remote attacker who convinces a user to open a specially crafted Excel file, allowing the attacker to execute arbitrary code and take control of the affected system.
Description
1. Excel SerAuxErrBar Heap Overflow Vulnerability (CVE-2012-1885)
This vulnerability exists in Microsoft Office Excel due to improper processing of SerAuxErrBar records in Excel files. Successful exploitation could allow a remote attacker to execute arbitrary code and take control of the affected system.
2. Excel Memory Corruption Vulnerability (CVE-2012-1886)
This vulnerability exists in Microsoft Office Excel due to improper memory operations by the affected software while handling certain Excel files. Successful exploitation could allow a remote attacker to execute arbitrary code and take control of the affected system.
3. Excel SST Invalid Length Use After Free Vulnerability (CVE-2012-1887)
This vulnerability exists in Microsoft Office Excel due to improper validation of string lengths in the SharedStringTable (SST) record of an Excel file. Successful exploitation could allow a remote attacker to execute arbitrary code and take control of the affected system.
4. Excel Stack Overflow Vulnerability (CVE-2012-2543)
This vulnerability exists in Microsoft Office Excel due to a memory corruption error when the affected software parses a crafted Excel file with a modified data structure. Successful exploitation could allow a remote attacker to execute arbitrary code and take control of the affected system.
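Two of the four issues above are length-handling bugs in BIFF8 records of the legacy binary .xls format (the SST shared string table, and the fixed-size chart record SerAuxErrBar). The following is an added triage example written for this note; it is not CERT-In's or Microsoft's code, and the advisory does not describe the trigger conditions of the four bugs, so the script makes no attempt to reproduce them. It walks a raw BIFF record stream and reports records whose declared lengths cannot fit, which is the general class of malformation an attacker-supplied file would carry. Record types and field layouts are taken from the public MS-XLS specification (SST = 0x00FC, Continue = 0x003C, SerAuxErrBar = 0x105B with a 14-byte body; string entries are XLUnicodeRichExtendedString: cch, option flags, optional cRun and cbExtRst). The two input streams are constructed inline; a real file would first need the Workbook stream extracted from its OLE container. Strings that straddle into Continue records are reported as unverified rather than malformed, because following continuations is left out here.

```python
import struct

# BIFF8 record types (public MS-XLS specification)
SST = 0x00FC           # Shared String Table
CONTINUE = 0x003C      # continuation of the preceding record
SERAUXERRBAR = 0x105B  # chart error-bar record, fixed 14-byte body
EOF = 0x000A


def iter_records(stream):
    """Yield (offset, rtype, declared_size, payload); each header is <u16 type><u16 size>."""
    off = 0
    while off + 4 <= len(stream):
        rtype, size = struct.unpack_from("<HH", stream, off)
        payload = stream[off + 4: off + 4 + size]
        yield off, rtype, size, payload
        off += 4 + size


def _overrun(i, followed_by_continue):
    if followed_by_continue:
        return f"string {i} spills into a Continue record (continuation not followed; unverified)"
    return f"string {i} declares more bytes than the SST record holds and no Continue follows"


def check_sst(payload, followed_by_continue):
    """Walk the SST's string entries and confirm every declared length fits in the record."""
    if len(payload) < 8:
        return "SST body shorter than its 8-byte header"
    cst_total, cst_unique = struct.unpack_from("<ii", payload, 0)
    if cst_total < 0 or cst_unique < 0 or cst_unique > cst_total:
        return f"implausible counts cstTotal={cst_total} cstUnique={cst_unique}"
    pos, end = 8, len(payload)
    for i in range(cst_unique):
        if pos + 3 > end:
            return _overrun(i, followed_by_continue)
        cch, flags = struct.unpack_from("<HB", payload, pos)
        pos += 3
        need = cch * (2 if flags & 0x01 else 1)   # fHighByte: UTF-16LE vs 8-bit compressed
        if flags & 0x08:                          # fRichSt: u16 cRun, then 4 bytes per FormatRun
            if pos + 2 > end:
                return _overrun(i, followed_by_continue)
            need += 4 * struct.unpack_from("<H", payload, pos)[0]
            pos += 2
        if flags & 0x04:                          # fExtSt: i32 cbExtRst trailing bytes
            if pos + 4 > end:
                return _overrun(i, followed_by_continue)
            cb_ext = struct.unpack_from("<i", payload, pos)[0]
            if cb_ext < 0:
                return f"string {i} has negative cbExtRst {cb_ext}"
            need += cb_ext
            pos += 4
        if pos + need > end:
            return _overrun(i, followed_by_continue)
        pos += need
    return None


def triage(stream):
    """Return [(offset, message)] for every record with an inconsistent length."""
    findings = []
    records = list(iter_records(stream))
    for idx, (off, rtype, size, payload) in enumerate(records):
        nxt = records[idx + 1][1] if idx + 1 < len(records) else None
        if len(payload) < size:
            msg = f"record 0x{rtype:04X} declares {size} bytes but stream ends after {len(payload)}"
        elif rtype == SST:
            msg = check_sst(payload, nxt == CONTINUE)
        elif rtype == SERAUXERRBAR:
            msg = None if size == 14 else f"SerAuxErrBar body is {size} bytes, spec says 14"
        else:
            msg = None
        if msg:
            findings.append((off, msg))
    return findings


# --- constructed sample input (not taken from any real file) ---
def rec(rtype, payload):
    return struct.pack("<HH", rtype, len(payload)) + payload


def sst_string(text, rich_runs=0):
    """8-bit compressed string entry, optionally with rich-text runs (zero-filled)."""
    body = struct.pack("<HB", len(text), 0x08 if rich_runs else 0x00)
    if rich_runs:
        body += struct.pack("<H", rich_runs)
    return body + text.encode("latin-1") + b"\x00" * (4 * rich_runs)


GOOD_STREAM = (rec(SST, struct.pack("<ii", 2, 2) + sst_string("Total") + sst_string("Q3", 1))
               + rec(SERAUXERRBAR, bytes(14)) + rec(EOF, b""))

# second string claims 0x4000 characters but only 2 bytes follow; error-bar record is short
BAD_STREAM = (rec(SST, struct.pack("<ii", 2, 2) + sst_string("Total")
                  + struct.pack("<HB", 0x4000, 0) + b"Q3")
              + rec(SERAUXERRBAR, bytes(6)) + rec(EOF, b""))

if __name__ == "__main__":
    for name, stream in (("good", GOOD_STREAM), ("bad", BAD_STREAM)):
        print(name, triage(stream))
```

A clean stream yields no findings; the constructed bad stream is flagged twice, once at the SST (offset 0) and once at the undersized SerAuxErrBar record. Length-consistency checks like this are a screening aid for suspicious attachments, not a substitute for applying the vendor update below.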
Workaround
- Set Office File Validation to disable the opening of files that fail validation in Excel 2003 and Excel 2007
- Set Office File Validation to disable the edit in Protected View of files that fail validation in Excel 2010
- Use Microsoft Office File Block policy to block the opening of Office 2003 and earlier documents from unknown or untrusted sources and locations
- Use the Microsoft Office Isolated Conversion Environment (MOICE) when opening files from unknown or untrusted sources
- Do not open Excel files received from untrusted sources, or received unexpectedly from trusted sources
Solution
Apply the appropriate updates as mentioned in Microsoft Security Bulletin MS12-076
Vendor Information
Microsoft
http://technet.microsoft.com/en-us/security/bulletin/ms12-076
References
Microsoft
http://technet.microsoft.com/en-us/security/bulletin/ms12-076
Cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=27347
http://tools.cisco.com/security/center/viewAlert.x?alertId=27348
http://tools.cisco.com/security/center/viewAlert.x?alertId=27349
http://tools.cisco.com/security/center/viewAlert.x?alertId=27350
Security Tracker
http://www.securitytracker.com/id/1027752
CVE Name
CVE-2012-1885
CVE-2012-1886
CVE-2012-1887
CVE-2012-2543
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan, 6, CGO Complex, Lodhi Road, New Delhi - 110 003, India