Gravità: : Alto
  CVE Identifier: CVE-2011-1272,CVE-2011-1273,CVE-2011-1274,CVE-2011-1275,CVE-2011-1276,CVE-2011-1277,CVE-2011-1278,CVE-2011-1279
  Data notifica: 06 luglio 2011

  Descrizione

There exists several vulnerabilities in Microsoft Office, some of which pertains to certain versions of Microsoft Excel. To exploit the vulnerabilities, an attacker must persuade a potential victim to open a malicious MS Excel file. Users who are logged on as administrators are more in risk of being negatively impacted than users who are logged on with lesser privileges.

  Informazioni esposizione:

The following Trend Micro DPI rules address exploits that may attempt to use this vulnerability:

  • 1004695 - Excel Insufficient Record Validation Vulnerability
  • 1004691 - Excel Improper Record Parsing Vulnerability
  • 1004689 - Excel Out of Bounds Array Access Vulnerability
  • 1004698 - Excel WriteAV Vulnerability
  • 1004703 - Microsoft Excel Buffer Overrun Vulnerability

  Soluzioni

  Software e versione interessati:

  • Microsoft Excel 2002 Service Pack 3 (Microsoft Office XP Service Pack 3)
  • Microsoft Excel 2003 Service Pack 3 (Microsoft Office 2003 Service Pack 3)
  • Microsoft Excel 2007 Service Pack 2 (Microsoft Office 2007 Service Pack 2)
  • Microsoft Excel 2010 (32-bit editions) (Microsoft Office 2010 (32-bit editions)
  • Microsoft Excel 2010 (64-bit editions) (Microsoft Office 2010 (64-bit editions)
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011
  • Open XML File Format Converter for Mac
  • Microsoft Excel Viewer Service Pack 2
  • Microsoft Office Compatibility Pack for Word
  • Excel
  • and PowerPoint 2007 File Formats Service Pack 2