Microsoft Office Excel Remote Code Execution Vulnerability (2640241) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS11-096.

Impact

Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running the affected application. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms11-096

Insight

The flaw is due to an error when handling certain objects while parsing records and can be exploited to corrupt memory.

Affected

Microsoft Excel 2003 Service Pack 3

References

http://secunia.com/advisories/47203
http://support.microsoft.com/kb/2596954
http://technet.microsoft.com/en-us/security/bulletin/ms11-096

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3403
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft DirectShow Remote Code Execution Vulnerability (977935)
Microsoft Bluetooth Stack Remote Code Execution Vulnerability (2566220)
Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)
.NET JIT Compiler Vulnerability
Microsoft Groove Remote Code Execution Vulnerability (2494047)

Take action and discover your vulnerabilities