Microsoft Office Excel Remote Code Execution Vulnerability (2640241) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS11-096.

Impact

Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running the affected application. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms11-096

Insight

The flaw is due to an error when handling certain objects while parsing records and can be exploited to corrupt memory.

Affected

Microsoft Excel 2003 Service Pack 3

References

http://secunia.com/advisories/47203
http://support.microsoft.com/kb/2596954
http://technet.microsoft.com/en-us/security/bulletin/ms11-096

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3403

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Message Queuing Remote Code Execution Vulnerability (951071)
Microsoft .NET Framework Remote Code Execution Vulnerabilities (2878890)
Consent User Interface Privilege Escalation Vulnerability (2442962)
Cumulative Security Update for Internet Explorer (969897)
Message Queuing Remote Code Execution Vulnerability (951071) - Remote

Take action and discover your vulnerabilities