Search This Blog

Microsoft office 2007 Excel.xlb Vulnerable to Buffer Overflow Attack


This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.

Discovered by :
Aniway
Abyssec
sinn3r
juan vazquez

Reference taken from :
CVE 2011-0105
OSVDB 71765
MSB MS11-021

Platform : windows
Targets :
Win XP sp3 ( Vista and 7 will try to repair the file )
Microsoft Office excel 2007 on Windows XP
Microsoft Office excel 2007 SP2 on Windows XP




source:
snypter
Share it:

Application Vulnerability

Buffer Overflow

Metasploit

Microsoft Hacks

Vulnerability