module
MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
| Disclosed | Created |
|---|---|
| Aug 9, 2011 | May 30, 2018 |
Disclosed
Aug 9, 2011
Created
May 30, 2018
Description
This module exploits a vulnerability found in Excel of Microsoft Office 2007.
By supplying a malformed .xlb file, an attacker can control the content (source)
of a memcpy routine, and the number of bytes to copy, therefore causing a stack-
based buffer overflow. This results in arbitrary code execution under the context of
the user.
By supplying a malformed .xlb file, an attacker can control the content (source)
of a memcpy routine, and the number of bytes to copy, therefore causing a stack-
based buffer overflow. This results in arbitrary code execution under the context of
the user.
Authors
Aniway
Unknown
sinn3r sinn3r@metasploit.com
juan vazquez juan.vazquez@metasploit.com
Unknown
sinn3r sinn3r@metasploit.com
juan vazquez juan.vazquez@metasploit.com
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.