Vulnerability Details : CVE-2011-0105

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability."
Publish Date : 2011-04-13 Last Update Date : 2011-10-04

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Related Tweets Even more tweets Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

Cvss Score	9.3
Confidentiality Impact	Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact	Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact	Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity	Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Execute CodeOverflow
CWE ID	119

- Related OVAL Definitions

Title	Definition Id	Class	Family
Excel Data Initialization Vulnerability	oval:org.mitre.oval:def:12618		windows

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2011-0105

#	Product Type	Vendor	Product	Version	Update	Edition
1	Application	Microsoft	Excel	2002	SP3		Details Vulnerabilities
2	Application	Microsoft	Office	2004		MAC	Details Vulnerabilities
3	Application	Microsoft	Office	2008		MAC	Details Vulnerabilities
4	Application	Microsoft	Open Xml File Format Converter			MAC	Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Microsoft	Excel	1
Microsoft	Office	2
Microsoft	Open Xml File Format Converter	1

- References For CVE-2011-0105

http://secunia.com/advisories/39122
SECUNIA 39122

http://technet.microsoft.com/en-us/security/bulletin/ms11-021
Microsoft Security Bulletin MS11-021 MS11-021 - Important: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) Bulletin Severity Rating:Important - This security update resolves nine privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Release Date:2011-04-12

http://www.vupen.com/english/advisories/2011/0940
VUPEN ADV-2011-0940

http://www.securitytracker.com/id?1025337
SECTRACK 1025337

http://www.us-cert.gov/cas/techalerts/TA11-102A.html
CERT TA11-102A

- Metasploit Modules Related To CVE-2011-0105

MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
This module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack- based buffer overflow. This results aribrary code execution under the context of user the user.