Microsoft Office Excel SerAuxErrBar Heap Overflow Vulnerability

Strike ID:
E12-07601
CVSS:
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
False Positive:
f
Variants:
1
Year:
2012

Description

This strike exploits an out-of-bounds array index vulnerability in Microsoft Office Excel. The vulnerability is due to improper validation of SerAuxErrBar records in Excel files. This vulnerability can lead to arbitrary code execution in the context of the current user.

CVE

Bid