Microsoft Office Excel Malformed Obj Record Stack Buffer OverflowAdded: 07/22/2010
BackgroundMicrosoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.
ProblemMicrosoft Excel is vulnerable to a buffer overflow when processing malformed OBJ (recType 0x5D) records. This vulnerability could be exploited to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
ResolutionApply the patch referenced in Microsoft Security Bulletin 10-038.
LimitationsExploit works on Microsoft Office Excel 2007 SP2 and requires a user to open the exploit file in Microsoft Office Excel.
Macros must be enabled in Excel.
There may be a delay before the exploit succeeds.
This exploit requires the Compress::Zlib PERL module.
Back to exploit index