This host is installed with Microsoft Office Excel and is prone to multiple remote code execution vulnerabilities. This NVT has been replaced by NVT secpod_ms11-021.nasl (OID:1.3.6.1.4.1.25623.1.0.902410).

Successful exploitation will allow attacker to execute arbitrary code, can cause memory corruption and other attacks in the context of the application through crafted Excel file. Impact Level: System

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

The flaws are due to: - An error in the usage of a specific field used for incrementing an array index. The application will copy the contents of the specified element into a statically sized buffer on the stack. - An error in parsing Office Art record, when parsing an office art object record, if an error occurs, the application will add a stray reference to an element which is part of a linked list. When receiving a window message, the application will proceed to navigate this linked list. This will access a method from the malformed object which can lead to code execution under the context of the application.

Microsoft Office Excel 2010

• http://seclists.org/bugtraq/2011/Feb/86
• http://www.zerodayinitiative.com/advisories/ZDI-11-041/
• http://www.zerodayinitiative.com/advisories/ZDI-11-042/

---

Updated on 2017-03-28