Microsoft Office Excel Remote Code Execution Vulnerability (2269707) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS10-057.

Impact

Successful exploitation could allow attackers to execute arbitrary code or to compromise a vulnerable system. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms10-057.mspx

Insight

The issue is caused by a memory corruption error when processing malformed Excel data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious document.

Affected

Microsoft Office Excel 2002 Service Pack 3 Microsoft Office Excel 2003 Service Pack 3

References

http://www.microsoft.com/technet/security/bulletin/ms10-057.mspx
http://www.vupen.com/english/advisories/2010/2054

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2562

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
Microsoft Forefront Protection For Exchange RCE Vulnerability (2927022)
.NET JIT Compiler Vulnerability
Cumulative Security Update for Internet Explorer (931768)
Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)

Take action and discover your vulnerabilities