Detections
Analytics

MS11-072: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505)

high Nessus Plugin ID 56175

Language:

Synopsis

Arbitrary code can be executed on the remote host through Microsoft Office.

Description

The remote Windows host is running a version of Microsoft Office, Excel, or a related product that is affected by several vulnerabilities.

If an attacker can trick a user on the affected host into opening a specially crafted Excel file, he could leverage this issue to execute arbitrary code subject to the user's privileges.

Solution

Microsoft has released a set of patches for Office 2003, 2007, 2010, Excel Viewer, Office Compatability Pack, Excel Services, and Excel Web App.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-11-280/

https://www.zerodayinitiative.com/advisories/ZDI-11-281/

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-072

Plugin Details

Severity: High

ID: 56175

File Name: smb_nt_ms11-072.nasl

Version: 1.22

Type: local

Agent: windows

Published: 9/14/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:excel:2007, cpe:/a:microsoft:excel:2010, cpe:/a:microsoft:excel_viewer

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/13/2011

Vulnerability Publication Date: 9/13/2011

Reference Information

CVE: CVE-2011-1986, CVE-2011-1987, CVE-2011-1988, CVE-2011-1989, CVE-2011-1990

BID: 49517, 49518, 49476, 49477, 49478