SID 1:31436

Report a false positive

Rule Category

FILE-OFFICE -- Snort detected traffic targeting vulnerabilities in files belonging to the Microsoft Office suite of software (Excel, PowerPoint, Word, Visio, Access, Outlook, etc.).

Alert Message

FILE-OFFICE Microsoft Office Excel SXDB record memory corruption attempt

Rule Explanation

FILE-OFFICE Microsoft Office Excel SXDB record memory corruption attempt Impact: Confidentiality Impact: COMPLETE Integrity Impact: COMPLETE Availability Impact: COMPLETE Details: Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory Corruption Vulnerability." Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2009-3127

Additional Links

technet.microsoft.com/en-us/security/bulletin/MS09-067

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2009-3127
 Loading description